CVE-2025-59249
- EPSS 0.75%
- Veröffentlicht 14.10.2025 17:00:42
- Zuletzt bearbeitet 15.06.2026 19:16:51
Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
CVE-2025-53782
- EPSS 0.32%
- Veröffentlicht 14.10.2025 17:00:08
- Zuletzt bearbeitet 15.06.2026 19:17:08
Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally.
CVE-2025-25007
- EPSS 0.8%
- Veröffentlicht 12.08.2025 17:09:53
- Zuletzt bearbeitet 15.06.2026 19:17:50
Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-25006
- EPSS 0.79%
- Veröffentlicht 12.08.2025 17:09:53
- Zuletzt bearbeitet 15.06.2026 19:18:39
Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-25005
- EPSS 1.27%
- Veröffentlicht 12.08.2025 17:09:52
- Zuletzt bearbeitet 15.06.2026 19:18:03
Improper input validation in Microsoft Exchange Server allows an authorized attacker to perform tampering over a network.
CVE-2025-33051
- EPSS 1.13%
- Veröffentlicht 12.08.2025 17:09:45
- Zuletzt bearbeitet 15.06.2026 19:18:16
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.
- EPSS 7.45%
- Veröffentlicht 06.08.2025 16:15:30
- Zuletzt bearbeitet 15.06.2026 19:19:29
On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix. Microsoft made these changes in the general interest of improving the security of hybrid Exchange deployments. Foll...