The Cybersecurity and Infrastructure Security Agency (CISA) has recently sounded the alarm regarding two significant vulnerabilities that are currently being exploited in the wild. The vulnerabilities, identified as CVE-2026-20963 and CVE-2025-66376, have been added to CISA’s Known Exploited Vulnerabilities catalog, underscoring the urgency for organizations to address these threats.

Understanding the Vulnerabilities

The newly cataloged vulnerabilities present serious risks to enterprise systems, particularly for those utilizing Microsoft SharePoint and Zimbra applications. The details of the vulnerabilities are as follows:

• CVE-2026-20963: A deserialization vulnerability within Microsoft SharePoint that could allow unauthorized code execution. This flaw has been assigned a high severity score of 8.8 on the CVSS scale, indicating its potential impact on affected systems.
• CVE-2025-66376: Another critical vulnerability that has also drawn the attention of CISA due to its active exploitation. While specific details about its nature are less publicized, organizations are advised to prioritize patching this vulnerability as well.

The Threat Landscape

In addition to these vulnerabilities, CISA has highlighted the activity of ransomware actors exploiting other critical flaws, notably the CVE-2026-20131 zero-day vulnerability in Cisco’s Firepower Management Center (FMC). This vulnerability, which has been under active exploitation since January 26, 2026, has received the highest severity score of 10.0 on the CVSS scale, marking it as a severe threat.

Amazon’s cybersecurity teams have confirmed that the Interlock ransomware gang has been leveraging this zero-day flaw to gain initial access to networks across various sectors, including education, healthcare, and government. The targeting of these critical sectors emphasizes the need for organizations to remain vigilant and proactive in their cybersecurity measures.

Patch Deadlines and Recommendations

To mitigate the threats posed by these vulnerabilities, CISA has set specific deadlines for federal agencies:

• Patch CVE-2025-66376 by April 1, 2026
• Patch CVE-2026-20963 by March 23, 2026

These deadlines reflect the pressing need for organizations to act swiftly. CISA has recommended that all federal agencies and private sector organizations using these affected systems prioritize applying the relevant security patches as soon as they become available.

Why Prompt Action is Essential

The increasing trend of attacks on edge devices, particularly targeting vendors such as Cisco and Fortinet, highlights the evolving threat landscape. Cybercriminals are continually searching for vulnerabilities in widely used software and hardware, making it imperative for organizations to stay updated on the latest security threats and apply patches without delay.

Failing to address these vulnerabilities can lead to dire consequences, including data breaches, financial loss, and reputational damage. As ransomware attacks become more sophisticated and prevalent, organizations must bolster their defenses immediately.

Best Practices for Cyber Hygiene

In light of these vulnerabilities, organizations should not only focus on patching but also consider implementing broader cybersecurity best practices:

• Regular Updates: Ensure that all software and hardware are kept up to date with the latest security patches.
• Employee Training: Conduct regular training sessions for employees to recognize phishing attempts and other social engineering tactics.
• Incident Response Plans: Develop and regularly test incident response plans to ensure swift action in the event of a breach.
• Network Segmentation: Utilize network segmentation to limit the potential spread of malware and ransomware within an organization.
• Backup Data: Regularly back up critical data and verify the integrity of backups to facilitate recovery in case of an attack.

Conclusion

The warnings issued by CISA regarding CVE-2026-20963 and CVE-2025-66376 serve as a crucial reminder for organizations to prioritize cybersecurity. By taking proactive measures to patch vulnerabilities and adopting comprehensive cybersecurity strategies, organizations can significantly reduce their risk of falling victim to cyberattacks. As cyber threats continue to evolve, remaining vigilant and prepared is more important than ever.