2026-004: Critical Vulnerability in SharePoint Exploited

CERT-EU reports that Microsoft updated a January 2026 advisory to raise the severity of CVE-2026-20963 — an unauthenticated deserialization remote code execution vulnerability in Microsoft SharePoint (CVSS 9.8) — and that the issue was added to CISA's Known Exploited Vulnerabilities catalogue on 18 March 2026; CERT-EU urges immediate patching of affected SharePoint Server editions (prioritise internet-facing assets), enabling AMSI, deploying EDR, rotating ASP.NET machine keys and performing compromise assessments.