1559 matches found
CVE-2026-55008
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-55006
Insufficient granularity of access control in Microsoft Exchange Server allows an authorized attacker to elevate privileges locally...
CVE-2026-55009
Deserialization of untrusted data in Microsoft Exchange Server allows an authorized attacker to elevate privileges locally...
CVE-2026-55009
CVE-2026-55009 describes a deserialization of untrusted data in Microsoft Exchange Server that enables a locally authenticated attacker to elevate privileges. The CVSSv3.1 details show a Local attack vector, Low attack complexity, Low privileges required, and No user interaction, with High impact...
CVE-2026-55009 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
CVE-2026-55006
Microsoft Exchange Server vulnerability CVE-2026-55006: Insufficient granularity of access control enables local privilege escalation for an authorized attacker. Root cause: lack of fine-grained access controls. Impact: high confidentiality, integrity, and availability impact per CVSS 3.1 (AV:L/A...
CVE-2026-55008
CVE-2026-55008 affects Microsoft Exchange Server and is caused by improper neutralization of input during web page generation, enabling cross-site scripting. The NVD entry lists a high-severity CVSS 3.1 base score of 9.6 (NETWORK, LOW attack complexity, NONE privileges, user interaction required,...
CVE-2026-55006 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
CVE-2026-55006 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
CVE-2026-55008 Microsoft Exchange Server Spoofing Vulnerability
...
Description of the security update for Microsoft Exchange Server Subscription Edition RTM: July 14, 2026 (KB5103212)
None None...
Description of the security update for Microsoft Exchange Server 2016 CU23: July 14, 2026 (KB5103215)
None None...
Microsoft Exchange Server Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Exchange Server allows an authorized attacker to execute code over a network...
Microsoft Exchange Server Spoofing Vulnerability
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-45501
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-35506
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-35681
Improper control of generation of code 'code injection' in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network...
EUVD-2026-35679
Improper authorization in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...
CVE-2026-45503
Improper authorization in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...
CVE-2026-45501
Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to perform spoofing over a network...