{"id":246852,"date":"2026-05-15T10:06:00","date_gmt":"2026-05-15T14:06:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/15\/cve-2026-42897-microsoft-confirms-active-exploitation-of-exchange-server-zero-day\/"},"modified":"2026-05-15T17:15:15","modified_gmt":"2026-05-15T21:15:15","slug":"cve-2026-42897-microsoft-confirms-active-exploitation-of-exchange-server-zero-day-2","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/15\/cve-2026-42897-microsoft-confirms-active-exploitation-of-exchange-server-zero-day-2\/","title":{"rendered":"CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day"},"content":{"rendered":"

CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day<\/a><\/p>\n

https:\/\/securityaffairs.com\/192204\/security\/cve-2026-42897-microsoft-confirms-active-exploitation-of-exchange-server-zero-day.html<\/a><\/p>\n

Publish Date: 2026-05-15 10:06:00<\/a><\/p>\n

Source Domain: securityaffairs.com<\/a><\/p>\n

CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day<\/h2>\n<\/p>\n

\t\t\t\t\t\t\t Pierluigi Paganini<\/span>
\n\t\t\t\t\t\t\t\"\"\/ May 15, 2026<\/span><\/p>\n

\t\t\t\t\t\t\"\"\/<\/p>\n

Microsoft warned that attackers are exploiting a new Exchange Server zero-day vulnerability, tracked as CVE-2026-42897, in the wild.<\/h2>\n

Microsoft warned that threat actors are actively exploiting a new Exchange Server zero-day vulnerability tracked as CVE-2026-42897 (CVSS score 8.1). <\/p>\n

The vulnerability is an improper neutralization of input during web page generation (\u2018cross-site scripting\u2019) in Microsoft Exchange Server. An attacker can exploit the flaw to perform spoofing over a network.<\/p>\n

\u201cImproper neutralization of input during web page generation (\u2018cross-site scripting\u2019) in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.\u201d reads the advisory.<\/p>\n

Microsoft warned that the Exchange Server zero-day affects Outlook Web Access (OWA). Attackers can exploit the flaw by sending a specially crafted email that executes malicious JavaScript when opened in Outlook Web Access under certain conditions.<\/p>\n

Microsoft confirmed it had detected active exploitation of CVE-2026-42897 in the wild; however, it has not disclosed details about any attacks exploiting the issue. <\/p>\n

Until a permanent security update becomes available, Microsoft has released temporary mitigation measures and urged administrators to apply them immediately to reduce exposure to attacks.<\/p>\n

The flaw surfaced just two days after Microsoft\u2019s Patch Tuesday for May 2026 updates, which patched 138 vulnerabilities.<\/p>\n

Exchange Server zero-days are dangerous because they sit at the center of corporate email, one of the most sensitive and widely used systems in any organization.<\/p>\n

Upon exploiting Microsoft Exchange Server flaws, attackers often get a direct path into internal communications, credentials, and business workflows.<\/p>\n

A key reason they\u2019re high risk is…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day https:\/\/securityaffairs.com\/192204\/security\/cve-2026-42897-microsoft-confirms-active-exploitation-of-exchange-server-zero-day.html Publish Date: 2026-05-15 10:06:00 Source…<\/p>\n","protected":false},"author":1,"featured_media":246854,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2016\/11\/windows-zero-day.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[31,27],"class_list":["post-246852","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/246852"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=246852"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/246852\/revisions"}],"predecessor-version":[{"id":246856,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/246852\/revisions\/246856"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/246854"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=246852"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=246852"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=246852"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}