KEV · Activement exploitée
CVE-2026-42897
CRITICAL 8.1
KEV
EN Microsoft Exchange Server Spoofing Vulnerability
EPSS
10.34%
exploit modéré
percentile 93.3%
CISA Known Exploited Vulnerability
- Ajouté au KEV
- 2026-05-15
- Deadline remédiation
- 2026-05-29
- Action requise
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Ransomware
- Non