Jun 2026: Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2026-45503 Published on June 9, 2026

Microsoft Exchange Server Information Disclosure Vulnerability
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.

Vendor Advisory NVD

Weakness Type

What is an AuthZ Vulnerability?

The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

CVE-2026-45503 has been classified to as an AuthZ vulnerability or weakness.

Products Associated with CVE-2026-45503

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Exchange Server 2016

Microsoft Exchange Server Se

Microsoft Exchange Server 2019

Affected Versions

Microsoft Exchange Server 2016 Cumulative Update 23:

Version 15.01.0.0 and below 15.01.2507.069 is affected.

Microsoft Exchange Server 2019 Cumulative Update 14:

Version 15.02.0.0 and below 15.02.1544.041 is affected.

Microsoft Exchange Server 2019 Cumulative Update 15:

Version 15.02.0.0 and below 15.02.1748.046 is affected.

Microsoft Exchange Server Subscription Edition RTM:

Version 15.02.0.0 and below 15.02.2562.043 is affected.

Jun 2026: Microsoft Exchange Server Information Disclosure VulnerabilityCVE-2026-45503 Published on June 9, 2026

Weakness Type

What is an AuthZ Vulnerability?

Products Associated with CVE-2026-45503

Affected Versions

Jun 2026: Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2026-45503 Published on June 9, 2026