On May 15, 2026, CISA added CVE-2026-42897, a Microsoft Exchange Server cross-site scripting vulnerability, to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. Under BOD 22-01, federal civilian agencies must remediate by CISA's due date, and CISA urged all organizations to prioritize patching KEV-listed flaws.
Why it matters: Active exploitation of an Exchange Server flaw raises immediate risk for organizations running the product, especially federal agencies subject to KEV deadlines. Defenders should identify exposed Exchange instances and prioritize remediation or mitigation quickly.
Sergiu Gatlan
2026.06.10
96% relevant
This article is a direct update to the same CVE-2026-42897 event, adding that Microsoft has now released June 2026 security updates to patch the actively exploited Exchange Server flaw after earlier warning of exploitation and temporary mitigations.
CISA
2026.05.15
100% relevant
This article is the first tracked item here establishing the specific KEV event for CVE-2026-42897 and its active exploitation status.