Microsoft has disclosed a vulnerability impacting on-premise versions of Exchange Server that is already seeing active exploitation in the wild. Tracked as CVE-2026-42897, the issue carries a CVSS score of 8.1 and affects Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition, while Exchange Online is not impacted. Microsoft describes it as a […]
The post CVE-2026-42897: Exchange Server OWA Spoofing Flaw Exploited via Crafted Email appeared first on SOC Prime.