Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Exchange Server Subscription Edition  >> 15.02.2562.017  Security Vulnerabilities
CVE-2026-47631
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
8.1
EPSS Score
0.002
Published
2026-06-09
CVE-2026-45502
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.
CVSS Score
5.0
EPSS Score
0.004
Published
2026-06-09
CVE-2026-45503
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.
CVSS Score
8.1
EPSS Score
0.004
Published
2026-06-09
CVE-2026-45504
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.004
Published
2026-06-09
CVE-2026-45501
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
6.5
EPSS Score
0.003
Published
2026-06-09
CVE-2026-42897
Known exploited
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
8.1
EPSS Score
0.025
Published
2026-05-14
CVE-2026-21527
User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
6.5
EPSS Score
0.095
Published
2026-02-10
CVE-2025-64667
User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
5.3
EPSS Score
0.008
Published
2025-12-09
CVE-2025-64666
Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
CVSS Score
7.5
EPSS Score
0.01
Published
2025-12-09
CVE-2025-59249
Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.007
Published
2025-10-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved