How to Run JavaScript

Exchange Server OWA Zero-Day CVE-2026-42897 Exploited With No Permanent Patch and New Mitigation Gaps

Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...

ITWeb

Active Microsoft Exchange zero-day leaves organisations exposed

Hackers are already exploiting a cross-site scripting flaw in Microsoft Exchange Server, leaving organisations running ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results

Exchange Server OWA Zero-Day CVE-2026-42897 Exploited With No Permanent Patch and New Mitigation Gaps

Active Microsoft Exchange zero-day leaves organisations exposed

Trending now