Back to Live Pulse
Critical
Sharepoint server
Deserialization of Untrusted Data

CVE-2026-20963

Description

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.

Proof of Concept (POC) Links

Explore how this vulnerability can be reproduced or exploited.

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20963