CISA adds exploited Microsoft SharePoint flaw to KEV catalog and urges fast action

CISA has added a Microsoft SharePoint vulnerability, tracked as CVE-2026-20963, to its Known Exploited Vulnerabilities catalog after confirming active exploitation in the wild. The agency added the flaw on March 18, 2026 and set a remediation deadline of March 21, 2026 for Federal Civilian Executive Branch agencies under Binding Operational Directive 22-01. The flaw affects […] The post CISA adds exploited Microsoft SharePoint flaw to KEV catalog and urges fast action appeared first on VPN Central.