Microsoft Exchange Server — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Exchange Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2004-0840 — CVSS 10.0 (critical): The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit…
CVE-2004-0574 — CVSS 10.0 (critical): The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange…
CVE-1999-0385 — CVSS 10.0 (critical): The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute…
CVE-2007-0213 — CVSS 10.0 (critical): Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote…
CVE-2018-8302 — CVSS 9.8 (critical): A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory…
CVE-2019-1373 — CVSS 9.8 (critical): A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft…
CVE-2018-8154 — CVSS 9.8 (critical): A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory…
CVE-2019-0586 — CVSS 9.8 (critical): A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory…
CVE-2009-0098 — CVSS 9.3 (critical): Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral…
CVE-2026-45504 — CVSS 8.8 (high): Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
CVE-2025-59249 — CVSS 8.8 (high): Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
CVE-2018-0986 — CVSS 8.8 (high): A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file…
CVE-2018-16793 — CVSS 8.6 (high): Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parameter in…
CVE-2020-16875 — CVSS 8.4 (high): <p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An…
CVE-2025-53782 — CVSS 8.4 (high): Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges…
CVE-2026-45503 — CVSS 8.1 (high): Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.
CVE-2020-0692 — CVSS 8.1 (high): An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege…
CVE-2019-1136 — CVSS 8.1 (high): An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege…
CVE-2017-11932 — CVSS 8.1 (high): Microsoft Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 CU5 allow a spoofing vulnerability due to the way Outlook Web Access…
CVE-2019-0724 — CVSS 8.1 (high): An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege…
CVE-2026-47631 — CVSS 8.1 (high): Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized…
CVE-2025-53786 — CVSS 8.0 (high): On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix…
CVE-2007-0039 — CVSS 7.8 (high): The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows…
CVE-2018-8265 — CVSS 7.8 (high): A remote code execution vulnerability exists in the way Microsoft Exchange software parses specially crafted email messages, aka "Microsoft…
CVE-2007-0221 — CVSS 7.8 (high): Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service…
CVE-2006-0027 — CVSS 7.5 (high): Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal…
CVE-1999-0993 — CVSS 7.5 (high): Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed.
CVE-2026-45583 — CVSS 7.5 (high): Improper control of generation of code ('code injection') in Microsoft Exchange Server allows an unauthorized attacker to execute code over…
CVE-2019-1233 — CVSS 7.5 (high): A denial of service vulnerability exists in Microsoft Exchange Server software when the software fails to properly handle objects in…
CVE-2002-0698 — CVSS 7.5 (high): Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an…
CVE-2002-0054 — CVSS 7.5 (high): SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses…
CVE-2001-0726 — CVSS 7.5 (high): Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline…
CVE-2025-33051 — CVSS 7.5 (high): Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose…
CVE-1999-0284 — CVSS 7.5 (high): Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
CVE-2001-0340 — CVSS 7.5 (high): An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to…
CVE-2025-59248 — CVSS 7.5 (high): Improper input validation in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2000-1139 — CVSS 7.5 (high): The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain…
CVE-2025-64666 — CVSS 7.5 (high): Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
CVE-2003-0714 — CVSS 7.5 (high): The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion)…
CVE-2005-0044 — CVSS 7.5 (high): The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of…
CVE-2005-0560 — CVSS 7.5 (high): Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003…
CVE-2005-1987 — CVSS 7.5 (high): Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to…
CVE-2006-0002 — CVSS 7.5 (high): Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows…
CVE-2016-3378 — CVSS 7.4 (high): Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative…
CVE-2019-0686 — CVSS 7.4 (high): An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege…
CVE-2020-16969 — CVSS 7.1 (high): <p>An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker…
CVE-2015-1771 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8…
CVE-2013-0418 — CVSS 6.8 (medium): Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent…
CVE-2007-0220 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows…
CVE-2019-1084 — CVSS 6.5 (medium): An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable…
CVE-2018-0924 — CVSS 6.5 (medium): Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange…
CVE-2018-0940 — CVSS 6.5 (medium): Microsoft Exchange Outlook Web Access (OWA) in Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server…
CVE-2019-0588 — CVSS 6.5 (medium): An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view…
CVE-2025-25005 — CVSS 6.5 (medium): Improper input validation in Microsoft Exchange Server allows an authorized attacker to perform tampering over a network.
CVE-2026-21527 — CVSS 6.5 (medium): User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform…
CVE-2026-45501 — CVSS 6.5 (medium): Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized…
CVE-2010-1690 — CVSS 6.4 (medium): The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows…
CVE-2002-0049 — CVSS 6.4 (medium): Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to…
CVE-2010-1689 — CVSS 6.4 (medium): The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows…
CVE-2016-0030 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, and…
CVE-2017-8621 — CVSS 6.1 (medium): Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an open…
CVE-2026-45500 — CVSS 6.1 (medium): Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized…
CVE-2017-8560 — CVSS 6.1 (medium): Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an elevation…
CVE-2017-8559 — CVSS 6.1 (medium): Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an elevation…
CVE-2016-0031 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject…
CVE-2016-0032 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, 2013…
CVE-2017-0110 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Microsoft Exchange Outlook Web Access (OWA) allows remote attackers to inject arbitrary web…
CVE-2016-0029 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote attackers to inject…
CVE-2019-1266 — CVSS 6.1 (medium): A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka…
CVE-2017-8758 — CVSS 6.1 (medium): Microsoft Exchange Server 2016 allows an elevation of privilege vulnerability when Microsoft Exchange Outlook Web Access (OWA) fails to…
CVE-2016-3379 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2016 Cumulative Update 1 and 2 allows remote attackers to inject…
CVE-2019-0858 — CVSS 6.1 (medium): A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka…
CVE-2003-0904 — CVSS 6.0 (medium): Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections…
CVE-2005-0420 — CVSS 5.8 (medium): Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a…
CVE-2017-8535 — CVSS 5.5 (medium): The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2…
CVE-2017-8536 — CVSS 5.5 (medium): The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2…
CVE-2017-8537 — CVSS 5.5 (medium): The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2…
CVE-2018-0941 — CVSS 5.5 (medium): Microsoft Exchange Server 2016 Cumulative Update 7 and Microsoft Exchange Server 2016 Cumulative Update 8 allow an information disclosure…
CVE-2021-1730 — CVSS 5.4 (medium): <p>A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to…
CVE-2018-8448 — CVSS 5.4 (medium): An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka…
CVE-2019-0817 — CVSS 5.4 (medium): A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka…
CVE-2018-8159 — CVSS 5.4 (medium): An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka…
CVE-2018-8153 — CVSS 5.4 (medium): A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka…
CVE-2019-1137 — CVSS 5.4 (medium): A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request…
CVE-2018-8152 — CVSS 5.4 (medium): An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka…
CVE-2020-0903 — CVSS 5.4 (medium): A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request…
CVE-2017-11761 — CVSS 5.3 (medium): Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 allow an input sanitization issue with Microsoft Exchange that could…
CVE-2025-25007 — CVSS 5.3 (medium): Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over…
CVE-2025-64667 — CVSS 5.3 (medium): User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform…
CVE-2025-25006 — CVSS 5.3 (medium): Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a…
CVE-2002-0055 — CVSS 5.0 (medium): SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via…
CVE-1999-0945 — CVSS 5.0 (medium): Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service…
CVE-2000-0216 — CVSS 5.0 (medium): Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which…
CVE-1999-0682 — CVSS 5.0 (medium): Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying…
CVE-2015-2505 — CVSS 5.0 (medium): Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to obtain sensitive…
CVE-2026-45502 — CVSS 5.0 (medium): Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.
CVE-2015-1631 — CVSS 5.0 (medium): Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to spoof meeting organizers via unspecified vectors, aka…
CVE-2014-6319 — CVSS 5.0 (medium): Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate…
CVE-2010-0025 — CVSS 5.0 (medium): The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server…
CVE-2010-0024 — CVSS 5.0 (medium): The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server…
CVE-2009-0099 — CVSS 5.0 (medium): The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2…
CVE-2005-0738 — CVSS 5.0 (medium): Stack consumption vulnerability in Microsoft Exchange Server 2003 SP1 allows users to cause a denial of service (hang) by deleting or…
CVE-2002-1873 — CVSS 5.0 (medium): Microsoft Exchange 2000, when used with Microsoft Remote Procedure Call (MSRPC), allows remote attackers to cause a denial of service…
CVE-2002-1790 — CVSS 5.0 (medium): The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and…
CVE-2002-0368 — CVSS 5.0 (medium): The Store Service in Microsoft Exchange 2000 allows remote attackers to cause a denial of service (CPU consumption) via a mail message with…
CVE-2001-1319 — CVSS 5.0 (medium): Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial of service (hang) via exceptional BER encodings for the LDAP filter…
CVE-1999-1043 — CVSS 5.0 (medium): Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote…
CVE-2001-0660 — CVSS 5.0 (medium): Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier, allows remote attackers to identify valid user email addresses by…
CVE-2001-0543 — CVSS 5.0 (medium): Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via…
CVE-2001-0509 — CVSS 5.0 (medium): Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT…