CVE Catalog

CVE-2026-54998

HighCVSS 8.8
Published: Translated: NVD NIST

Summary

A vulnerability in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network due to incorrect authorization.

Risk Assessment

An attacker could gain higher privileges, potentially leading to unauthorized access to sensitive data or takeover of the email system.

Recommendation

Apply security updates provided by Microsoft for Exchange Online and monitor logs for suspicious privilege escalation activities.

Original NVD description (English source)

Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS