Skip to content
The Nexus
SECURITYMay 15 · 06:19 UTCTHE HACKER NEWS[email protected] (The Hacker News)

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft disclosed a security vulnerability in on-premise Exchange Server versions, tracked as CVE-2026-42897, which has been exploited in the wild. The bug is described as a spoofing issue stemming from a cross-site scripting flaw. An anonymous researcher discovered and reported the issue.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this