Microsoft Exchange Server zero-day exploited via crafted email
NotebookCHECK - Notebook Forum - Index [Unofficial]
May 17, 2026
Microsoft confirms active exploitation of Exchange Server zero-day CVE-2026-42897 via crafted email with no permanent patch available for on-prem deployments.
Discussion in the ATmosphere