21 matches found
EUVD-2026-41446
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
CVE-2026-54998
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
CVE-2026-54998
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
CVE-2026-54998 Microsoft Exchange Online Elevation of Privilege Vulnerability
...
CVE-2026-54998 Microsoft Exchange Online Elevation of Privilege Vulnerability
...
CVE-2026-54998
CVE-2026-54998 describes an incorrect authorization in Microsoft Exchange Online that enables an authorized attacker to elevate privileges over a network. This vulnerability impacts Exchange Online’s authorization checks, allowing escalation of access from an existing authorized state. The CVSS 3...
Microsoft Exchange Online Elevation of Privilege Vulnerability
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
PT-2026-55320
Name of the Vulnerable Software and Affected Versions Microsoft Exchange Online affected versions not specified Description Incorrect authorization allows an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version that...
CVE-2026-48582
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
EUVD-2026-38090
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability
...
CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability
...
CVE-2026-48582
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network...
PT-2026-51033
Name of the Vulnerable Software and Affected Versions Microsoft Exchange Online affected versions not specified Description Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network. There have been reports of elevated activities targeti...
EUVD-2026-34338
Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network...
CVE-2026-48579
Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network...
Microsoft Exchange Online Information Disclosure Vulnerability
Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network...
PT-2026-46406
Name of the Vulnerable Software and Affected Versions Microsoft Exchange Online affected versions not specified Description Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network. Recommendations At the moment, there is no...
Microsoft Exchange Online 授权问题漏洞
Microsoft Exchange Online is an enterprise-level cloud email and calendar service open source by Microsoft. There is an authorization issue vulnerability in Microsoft Exchange Online; this vulnerability stems from improper authorization, which may allow unauthorized attackers to disclose...
Microsoft Exchange vulnerable to server-side request forgery and remote code execution.
Overview Microsoft Exchange Server 2019, Exchange Server 2016 and Exchange Server 2013 are vulnerable to a server-side request forgery SSRF attack and remote code execution. An authenticated attacker can use the combination of these two vulnerabilities to elevate privileges and execute arbitrary...