CVE-2026-45583

HIGH WAF: Medium

CVSS 7.5 Published: 2026-06-09

CWE-94

Improper control of generation of code ('code injection') in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network.

WAF Coverage Analysis

Code Injection Medium WAF Coverage

OWASP: A03:2021 Injection

932xxx - Remote Code Execution 933xxx - PHP Injection 934xxx - Node.js / Generic Injection

References

msrc.microsoft.com

Back to CVE Database