Microsoft Exchange Online vulnerabilities
3 known vulnerabilities affecting microsoft/microsoft_exchange_online.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2026-26137P2CRITICALCVSS 9.9v-2026-03-19
CVE-2026-26137 [CRITICAL] CWE-918 CVE-2026-26137: Server-side request forgery (ssrf) in Microsoft Exchange allows an authorized attacker to elevate pr
Server-side request forgery (ssrf) in Microsoft Exchange allows an authorized attacker to elevate privileges over a network.
nvd
CVE-2026-48582P2CRITICALCVSS 9.6v-2026-06-19
CVE-2026-48582 [CRITICAL] CWE-862 CVE-2026-48582: Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileg
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.
nvd
CVE-2026-48579P3HIGHCVSS 7.5v-2026-06-04
CVE-2026-48579 [HIGH] CWE-285 CVE-2026-48579: Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose info
Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network.
nvd