CVE-2026-21527
published 2026-02-10CVE-2026-21527: Microsoft Exchange Server Spoofing Vulnerability User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an…
medium6.5
Microsoft Exchange Server Spoofing Vulnerability
User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | gotenberg_gotenberg_v7 | 0 – 7.10.2 | — |
| github.com | gotenberg_gotenberg_v8 | >= 0 < 8.29.0 | 8.29.0 |
| microsoft | microsoft_exchange_server_2016_cumulative_update_23 | >= 15.01.0.0 < 15.01.2507.066 | 15.01.2507.066 |
| microsoft | microsoft_exchange_server_2019_cumulative_update_14 | >= 15.02.0.0 < 15.02.1544.039 | 15.02.1544.039 |
| microsoft | microsoft_exchange_server_2019_cumulative_update_15 | >= 15.02.0.0 < 15.02.1748.043 | 15.02.1748.043 |
| microsoft | microsoft_exchange_server_subscription_edition_rtm | >= 15.02.0.0 < 15.02.2562.037 | 15.02.2562.037 |
| msrc | microsoft_exchange_server_2016_cumulative_update_23 | — | — |
| msrc | microsoft_exchange_server_2019_cumulative_update_14 | — | — |
| msrc | microsoft_exchange_server_2019_cumulative_update_15 | — | — |
| msrc | microsoft_exchange_server_subscription_edition_rtm | — | — |
CVSS provenance
cvelistv56.5MEDIUM
ghsa8.2HIGH