Back to overview

CVE-2026-55005

HIGH
8.8
CVSS 3.1

Metadata

CVE ID
CVE-2026-55005
State
PUBLISHED
Assigner
microsoft
Reserved
2026-06-16 14:10 UTC
Published
2026-07-14 17:04 UTC
Last updated
2026-07-14 19:29 UTC
Primary CWE
CWE-122
CWE-122: Heap-based Buffer Overflow
Vendor / Product
Microsoft / Microsoft Exchange Server 2016 Cumulative Update 23
Sources
cve.org  ·  NVD

Severity & Metrics

8.8 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected products (4)
VendorProductPlatformVersions
Microsoft Microsoft Exchange Server 2016 Cumulative Update 23 x64-based Systems 15.01.0.0 < 15.01.2507.071
Microsoft Microsoft Exchange Server 2019 Cumulative Update 14 x64-based Systems 15.02.0.0 < 15.02.1544.043
Microsoft Microsoft Exchange Server 2019 Cumulative Update 15 x64-based Systems 15.02.0.0 < 15.02.1748.048
Microsoft Microsoft Exchange Server Subscription Edition RTM x64-based Systems 15.02.0.0 < 15.02.2562.045
Weakness (CWE)
CWESourceDescription
CWE-122 cna CWE-122: Heap-based Buffer Overflow
CVSS scores (1)
ScoreSeverityVersionSourceVector
8.8 HIGH 3.1 cna CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
References (1)
Back to overview