Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)

Help Net Security
Actively Exploited
Reporting on this topic: The Hacker News, Help Net Security

Overview

Microsoft has issued a warning about a serious cross-site scripting (XSS) vulnerability, identified as CVE-2026-42897, affecting on-premises versions of Microsoft Exchange Server. The vulnerability allows an unauthorized attacker to perform spoofing over a network, posing significant risk to organizations that have not yet applied the available mitigations. The affected versions are Microsoft Exchange Server Subscription Edition RTM, 2019, and 2016; Exchange Online is not affected. Microsoft is working on a permanent fix and, until it is released, has provided temporary mitigations for administrators to implement. Organizations running the affected versions should take immediate action to safeguard their systems from exploitation.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Microsoft Exchange Server Subscription Edition RTM, Microsoft Exchange Server 2019, Microsoft Exchange Server 2016
  • Action Required: Microsoft has provided temporary mitigations for the vulnerability while a permanent fix is in development.
  • Timeline: Disclosed on October 26, 2023

Original Article Summary

A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent fix is still in the works. In the meantime, Microsoft provided temporary mitigations.

About CVE-2026-42897

CVE-2026-42897 affects on-premises versions of Microsoft Exchange Server: Subscription Edition RTM, 2019, and 2016. Exchange Online is not affected. Flagged by an anonymous researcher, the vulnerability allows an unauthorized attacker to perform spoofing over a network. “An attacker … More →

The post Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897) appeared first on Help Net Security.

Impact

Microsoft Exchange Server Subscription Edition RTM, Microsoft Exchange Server 2019, Microsoft Exchange Server 2016

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Disclosed on October 26, 2023

Remediation

Microsoft has provided temporary mitigations for the vulnerability while a permanent fix is in development. Users are advised to implement these mitigations immediately to protect against potential exploitation.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to CVE, Microsoft, Vulnerability, and 2 more.

Multiple Sources: This threat is being reported by 2 different security sources, indicating significant concern within the cybersecurity community.