Microsoft Exchange CVE-2026-42897: KEV OWA Mitigation Exposure
CISA added Exchange Server CVE-2026-42897 to KEV on 2026-05-15. MSRC marks exploitation detected and points to Exchange Emergency Mitigation Service mitigation ID M2 rather than a normal update table.