CVE Catalog

CVE-2026-45583

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.44%

35th percentile - higher than 35% of all known CVEs

Summary

Improper control of generation of code ('code injection') in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network.

Risk Assessment

An attacker can exploit this vulnerability to execute code remotely, potentially leading to serious security breaches within the organization.

Recommendation

It is recommended to update Microsoft Exchange Server to the latest version and implement appropriate security measures to minimize the risk of an attack.

Original NVD description (English source)

Improper control of generation of code ('code injection') in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS