News Microsoft patches actively exploited Exchange Server zero-day (CVE-2026-42897) June 10, 2026 / June 10, 2026 by Alex Mira | Leave a Comment Microsoft patched an actively exploited Exchange Server zero-day (CVE-2026-42897) that enables XSS against Outlook Web Access users. Admins should install June 2026 updates promptly and keep EEMS mitigations enabled. Read more » CISA KEV CVE-2026-42897 Microsoft Exchange Server Outlook Web Access XSS Zero-day
