SECURITYTHE HACKER NEWS
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Microsoft disclosed a security vulnerability in on-premise Exchange Server versions, tracked as CVE-2026-42897, which has been exploited in the wild. The bug is described as a spoofing issue stemming from a cross-site scripting flaw. An anonymous researcher discovered and reported the issue.