CVE Catalog

CVE-2026-45502

MediumCVSS 5.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.42%

34th percentile - higher than 34% of all known CVEs

Summary

A server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.

Risk Assessment

This vulnerability could lead to unauthorized access to sensitive data within the network, posing a serious security threat to the organization.

Recommendation

It is recommended to update Microsoft Exchange Server to the latest version to patch this vulnerability and to monitor access to the system.

Original NVD description (English source)

Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS