U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog
Source: Security Affairs · Category: Government Advisory
CISA added Microsoft Exchange Server CVE-2026-42897 (CVSS 8.1) to its Known Exploited Vulnerabilities catalog after threat actors began exploiting it. Law firms commonly run Exchange Server for email and calendaring; active exploitation creates immediate risk to firm communications and data. Patch immediately and verify deployment across all 40+ offices.