Products
Exchange Server
110 CVEs since tracking began. Latest: 2026-06.
Total CVEs
110
Critical
18
Important
91
Exploited
5
Publicly Disclosed
5
All CVEs for this product 110
| CVE | Title | Severity | CVSS | Component | Month | Exploited | Disclosed |
|---|---|---|---|---|---|---|---|
| CVE-2026-45500 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.1 |
Microsoft Exchange Server | 2026-06 | - | - |
| CVE-2026-45501 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.1 |
Microsoft Exchange Server | 2026-06 | - | - |
| CVE-2026-45502 | Microsoft Exchange Server Information Disclosure Vulnerability | Important | 5 |
Microsoft Exchange Server | 2026-06 | - | - |
| CVE-2026-45503 | Microsoft Exchange Server Information Disclosure Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2026-06 | - | - |
| CVE-2026-45504 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2026-06 | - | - |
| CVE-2026-45583 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.1 |
Microsoft Exchange Server | 2026-06 | - | - |
| CVE-2026-47631 | Microsoft Exchange Server Spoofing Vulnerability | Important | 5.4 |
Microsoft Exchange Server | 2026-06 | - | - |
| CVE-2026-42897 | Microsoft Exchange Server Spoofing Vulnerability | Critical | 6.1 |
Microsoft Exchange Server | 2026-05 | Yes | - |
| CVE-2026-21527 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2026-02 | - | - |
| CVE-2025-64667 | Microsoft Exchange Server Spoofing Vulnerability | Important | 5.3 |
Microsoft Exchange Server | 2025-12 | - | - |
| CVE-2025-64666 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 7.5 |
Microsoft Exchange Server | 2025-12 | - | - |
| CVE-2025-53782 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Exchange Server | 2025-10 | - | - |
| CVE-2025-59249 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2025-10 | - | - |
| CVE-2025-59248 | Microsoft Exchange Server Spoofing Vulnerability | Important | 7.5 |
Microsoft Exchange Server | 2025-10 | - | - |
| CVE-2025-33051 | Microsoft Exchange Server Information Disclosure Vulnerability | Important | 7.5 |
Microsoft Exchange Server | 2025-08 | - | - |
| CVE-2025-53786 | Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability | Important | 8 |
Microsoft Exchange Server | 2025-08 | - | - |
| CVE-2025-25005 | Microsoft Exchange Server Tampering Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2025-08 | - | - |
| CVE-2025-25006 | Microsoft Exchange Server Spoofing Vulnerability | Important | 5.3 |
Microsoft Exchange Server | 2025-08 | - | - |
| CVE-2025-25007 | Microsoft Exchange Server Spoofing Vulnerability | Important | 5.3 |
Microsoft Exchange Server | 2025-08 | - | - |
| CVE-2024-49040 | Microsoft Exchange Server Spoofing Vulnerability | Important | 7.5 |
Microsoft Exchange Server | 2024-11 | - | Yes |
| CVE-2024-26198 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2024-03 | - | - |
| CVE-2024-21410 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 9.8 |
Microsoft Exchange Server | 2024-02 | Yes | - |
| CVE-2023-36439 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-11 | - | - |
| CVE-2023-36050 | Microsoft Exchange Server Spoofing Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-11 | - | - |
| CVE-2023-36039 | Microsoft Exchange Server Spoofing Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-11 | - | - |
| CVE-2023-36035 | Microsoft Exchange Server Spoofing Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-11 | - | - |
| CVE-2023-36778 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-10 | - | - |
| CVE-2023-36757 | Microsoft Exchange Server Spoofing Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-09 | - | - |
| CVE-2023-36756 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-09 | - | - |
| CVE-2023-36745 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-09 | - | - |
| CVE-2023-36744 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-09 | - | - |
| CVE-2023-36777 | Microsoft Exchange Server Information Disclosure Vulnerability | Important | 5.7 |
Microsoft Exchange Server | 2023-09 | - | - |
| CVE-2023-21709 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 9.8 |
Microsoft Exchange Server | 2023-08 | - | - |
| CVE-2023-35368 | Microsoft Exchange Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2023-08 | - | - |
| CVE-2023-38185 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2023-08 | - | - |
| CVE-2023-35388 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-08 | - | - |
| CVE-2023-38182 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-08 | - | - |
| CVE-2023-38181 | Microsoft Exchange Server Spoofing Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2023-08 | - | - |
| CVE-2023-28310 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-06 | - | - |
| CVE-2023-32031 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2023-06 | - | - |
| CVE-2023-21529 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2023-02 | - | - |
| CVE-2023-21706 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2023-02 | - | - |
| CVE-2023-21707 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2023-02 | - | - |
| CVE-2023-21710 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 7.2 |
Microsoft Exchange Server | 2023-02 | - | - |
| CVE-2023-21761 | Microsoft Exchange Server Information Disclosure Vulnerability | Important | 7.5 |
Microsoft Exchange Server | 2023-01 | - | - |
| CVE-2023-21762 | Microsoft Exchange Server Spoofing Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-01 | - | - |
| CVE-2023-21763 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Exchange Server | 2023-01 | - | - |
| CVE-2023-21764 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Exchange Server | 2023-01 | - | - |
| CVE-2023-21745 | Microsoft Exchange Server Spoofing Vulnerability | Important | 8 |
Microsoft Exchange Server | 2023-01 | - | - |
| CVE-2022-41078 | Microsoft Exchange Server Spoofing Vulnerability | Important | 8 |
Microsoft Exchange Server | 2022-11 | - | - |
| CVE-2022-41123 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Exchange Server | 2022-11 | - | - |
| CVE-2022-41079 | Microsoft Exchange Server Spoofing Vulnerability | Important | 8 |
Microsoft Exchange Server | 2022-11 | - | - |
| CVE-2022-41080 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8.8 |
Microsoft Exchange Server | 2022-11 | - | - |
| CVE-2022-41040 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8.8 |
Microsoft Exchange Server | 2022-09 | Yes | - |
| CVE-2022-41082 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8 |
Microsoft Exchange Server | 2022-09 | Yes | - |
| CVE-2022-21979 | Microsoft Exchange Server Information Disclosure Vulnerability | Important | 4.8 |
Microsoft Exchange Server | 2022-08 | - | - |
| CVE-2022-21980 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 |
Microsoft Exchange Server | 2022-08 | - | - |
| CVE-2022-24516 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 |
Microsoft Exchange Server | 2022-08 | - | - |
| CVE-2022-24477 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 |
Microsoft Exchange Server | 2022-08 | - | - |
| CVE-2022-30134 | Microsoft Exchange Server Information Disclosure Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2022-08 | - | Yes |
| CVE-2022-34692 | Microsoft Exchange Server Information Disclosure Vulnerability | Important | 5.3 |
Microsoft Exchange Server | 2022-08 | - | - |
| CVE-2022-21978 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 8.2 |
Microsoft Exchange Server | 2022-05 | - | - |
| CVE-2022-24463 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2022-03 | - | - |
| CVE-2022-23277 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Exchange Server | 2022-03 | - | - |
| CVE-2022-21846 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 9 |
Microsoft Exchange Server | 2022-01 | - | - |
| CVE-2022-21855 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 9 |
Microsoft Exchange Server | 2022-01 | - | - |
| CVE-2022-21969 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 9 |
Microsoft Exchange Server | 2022-01 | - | - |
| CVE-2021-42321 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2021-11 | Yes | - |
| CVE-2021-41349 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2021-11 | - | - |
| CVE-2021-42305 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2021-11 | - | - |
| CVE-2021-34453 | Microsoft Exchange Server Denial of Service Vulnerability | Important | 7.5 |
Microsoft Exchange Server | 2021-10 | - | - |
| CVE-2021-41348 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 8 |
Microsoft Exchange Server | 2021-10 | - | - |
| CVE-2021-41350 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2021-10 | - | - |
| CVE-2021-26427 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 9 |
Microsoft Exchange Server | 2021-10 | - | - |
| CVE-2021-31195 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2021-05 | - | - |
| CVE-2021-31198 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Exchange Server | 2021-05 | - | - |
| CVE-2021-31207 | Microsoft Exchange Server Security Feature Bypass Vulnerability | Moderate | 6.6 |
Microsoft Exchange Server | 2021-05 | - | Yes |
| CVE-2021-31209 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2021-05 | - | - |
| CVE-2021-28480 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Exchange Server | 2021-04 | - | - |
| CVE-2021-28481 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Exchange Server | 2021-04 | - | - |
| CVE-2021-28482 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Exchange Server | 2021-04 | - | - |
| CVE-2021-28483 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 9 |
Microsoft Exchange Server | 2021-04 | - | - |
| CVE-2021-24085 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2021-03 | - | - |
| CVE-2021-1730 | Microsoft Exchange Server Spoofing Vulnerability | Important | 5.4 |
Microsoft Exchange Server | 2021-03 | - | - |
| CVE-2020-17117 | Microsoft Exchange Remote Code Execution Vulnerability | Critical | 6.6 |
Microsoft Exchange Server | 2020-12 | - | - |
| CVE-2020-17132 | Microsoft Exchange Remote Code Execution Vulnerability | Critical | 9.1 |
Microsoft Exchange Server | 2020-12 | - | - |
| CVE-2020-17141 | Microsoft Exchange Remote Code Execution Vulnerability | Important | 8.4 |
Microsoft Exchange Server | 2020-12 | - | - |
| CVE-2020-17142 | Microsoft Exchange Remote Code Execution Vulnerability | Critical | 9.1 |
Microsoft Exchange Server | 2020-12 | - | - |
| CVE-2020-17143 | Microsoft Exchange Server Information Disclosure Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2020-12 | - | - |
| CVE-2020-17144 | Microsoft Exchange Remote Code Execution Vulnerability | Important | 8.4 |
Microsoft Exchange Server | 2020-12 | - | - |
| CVE-2020-17083 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 5.5 |
Microsoft Exchange Server | 2020-11 | - | - |
| CVE-2020-17084 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.5 |
Microsoft Exchange Server | 2020-11 | - | - |
| CVE-2020-17085 | Microsoft Exchange Server Denial of Service Vulnerability | Important | 6.2 |
Microsoft Exchange Server | 2020-11 | - | - |
| CVE-2020-16969 | Microsoft Exchange Information Disclosure Vulnerability | Important | 7.1 |
Microsoft Exchange Server | 2020-10 | - | - |
| CVE-2020-16875 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 8.4 |
Microsoft Exchange Server | 2020-09 | - | - |
| CVE-2020-0903 | Microsoft Exchange Server Spoofing Vulnerability | Important | 5.4 |
Microsoft Exchange Server | 2020-03 | - | - |
| CVE-2020-0688 | Microsoft Exchange Validation Key Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Exchange Server | 2020-02 | - | - |
| CVE-2020-0692 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 8.1 |
Microsoft Exchange Server | 2020-02 | - | - |
| CVE-2019-1373 | Microsoft Exchange Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Exchange Server | 2019-11 | - | - |
| CVE-2019-1233 | Microsoft Exchange Denial of Service Vulnerability | Important | 7.5 |
Microsoft Exchange Server | 2019-09 | - | - |
| CVE-2019-1266 | Microsoft Exchange Spoofing Vulnerability | Important | 6.1 |
Microsoft Exchange Server | 2019-09 | - | - |
| CVE-2019-1084 | Microsoft Exchange Information Disclosure Vulnerability | Important | 6.5 |
Microsoft Office | 2019-07 | - | - |
| CVE-2019-1136 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 8.1 |
Microsoft Exchange Server | 2019-07 | - | - |
| CVE-2019-1137 | Microsoft Exchange Server Spoofing Vulnerability | Important | 5.4 |
Microsoft Exchange Server | 2019-07 | - | - |
| CVE-2019-0858 | Microsoft Exchange Spoofing Vulnerability | Important | 6.1 |
Microsoft Exchange Server | 2019-04 | - | - |
| CVE-2019-0817 | Microsoft Exchange Spoofing Vulnerability | Important | 5.4 |
Microsoft Exchange Server | 2019-04 | - | - |
| CVE-2019-0686 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 7.4 |
Microsoft Exchange Server | 2019-02 | - | Yes |
| CVE-2019-0724 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 8.1 |
Microsoft Exchange Server | 2019-02 | - | Yes |
| CVE-2019-0586 | Microsoft Exchange Memory Corruption Vulnerability | Important | 9.8 |
Microsoft Exchange Server | 2019-01 | - | - |
| CVE-2019-0588 | Microsoft Exchange Information Disclosure Vulnerability | Important | 6.5 |
Microsoft Exchange Server | 2019-01 | - | - |
Threat Categories 7
| Threat Category | CVEs | Critical |
|---|---|---|
| Remote Code Execution | 41 | 11 |
| Spoofing | 31 | 1 |
| Elevation of Privilege | 21 | 6 |
| Information Disclosure | 12 | - |
| Denial of Service | 3 | - |
| Security Feature Bypass | 1 | - |
| Tampering | 1 | - |
Components 2
| Component | CVEs | Exploited |
|---|---|---|
| Microsoft Exchange Server | 109 | 5 |
| Microsoft Office | 1 | - |