April "In the Trend of VM" (#26): one Microsoft SharePoint vulnerability. Presenting the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. Once again, it is single-vendor, Microsoft-related, and this time it could not be more compact. While the previous March edition had four trending vulnerabilities, this April edition has only one. In the upcoming May edition, we expect at least three trending vulnerabilities. 😉
🗞 Post on Habr (rus)
🗒 Digest on the PT website (rus)
This vulnerability is from the January Microsoft Patch Tuesday:
🔻 RCE - Microsoft SharePoint (CVE-2026-20963). The vulnerability was initially considered less critical due to an authentication requirement PR:L, but after Microsoft’s reassessment it turned out that authentication is not required for exploitation PR:N. The vulnerability has been added to the CISA KEV, meaning attackers are already exploiting it in the wild. There are no public exploits yet.
🟥 The full list of trending vulnerabilities is available on the portal
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю подписаться на мой канал @avleonovrus "Управление Уязвимостями и прочее" в MAX или в Telegram.