CVE Catalog
CVE-2026-54998
HighCVSS 8.8Summary
A vulnerability in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network due to incorrect authorization.
Risk Assessment
An attacker could gain higher privileges, potentially leading to unauthorized access to sensitive data or takeover of the email system.
Recommendation
Apply security updates provided by Microsoft for Exchange Online and monitor logs for suspicious privilege escalation activities.
Original NVD description (English source)
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

