{"uuid": "ced1de12-d2a4-447c-8270-34fc0907b8b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42897", "type": "seen", "source": "https://bsky.app/profile/diesec.bsky.social/post/3mmte3szsrg2d", "content": "Exchange Server zero-day (CVE-2026-42897): crafted email \u2192 OWA XSS \u2192 session token stolen.\u00a0\nActive exploitation confirmed.\nNo permanent patch.\n CISA deadline May 29.\nIf EM Service is disabled, you're unprotected right now.\n\nCheck EM Service status before Friday.\n\n#CyberSecurity", "creation_timestamp": "2026-05-27T11:00:05.860500Z"}