Search Results (24 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-21527 1 Microsoft 9 Exchange Server, Exchange Server 2016, Exchange Server 2019 and 6 more 2026-06-15 6.5 Medium
User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-45500 1 Microsoft 7 Exchange Server 2016, Exchange Server 2019, Exchange Server Se and 4 more 2026-06-10 6.1 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-45583 1 Microsoft 3 Exchange Server 2016, Exchange Server 2019, Exchange Server Se 2026-06-10 7.5 High
Improper control of generation of code ('code injection') in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network.
CVE-2025-58107 1 Microsoft 4 Exchange, Exchange Server, Exchange Server 2016 and 1 more 2026-03-03 7.5 High
In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password.