CVE-2026-42897 is a vulnerability tracked across 3 threat clusters and 19 intelligence report mentions on ThreatCluster. First observed May 15, 2026; most recent activity June 11, 2026.
Microsoft has patched a high-severity zero-day vulnerability in Exchange Server, tracked as CVE-2026-42897, which allows attackers to execute arbitrary JavaScript via crafted emails in Outlook Web Access. The flaw…
On June 9, 2026, Microsoft released its largest Patch Tuesday update, addressing 206 vulnerabilities, including three zero-day flaws. Among the critical vulnerabilities, 32 were rated as critical, with 28 classified as…
Microsoft has disclosed a critical vulnerability, CVE-2026-42897, affecting on-premises Exchange Server versions 2016, 2019, and Subscription Edition. This zero-day flaw allows attackers to execute arbitrary JavaScript…