Skip to content
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-42897 (CVSS score of 8.1), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft warned that threat actors are actively exploiting a new Exchange Server zero-day vulnerability tracked as CVE-2026-42897. The vulnerability is an improper neutralization ...
U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog | Huntaegis