Exchange Server OWA Zero-Day CVE-2026
Source: Techtimes
Published:
<p>Organizations running on-premises Microsoft Exchange Server are facing a five-day-old zero-day with no permanent fix in sight and a growing list of side-effects from the only protection currently available. Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Out