VDB

CVE-2026-45504

CVE-2026-45504 PUBLISHED CVSS 8.800000190734863 HIGH

A specifically crafted attachment, with the ProviderEndpointUrl field pointing towards a malicious infrastructure is used for SSRF. When the attachment is opened, the Exchange Server sends a request to the malicious server which returns a modified URI containing the path to the desired file. An oversight in the processing logic causes the server to return the requested files to the attacker without validation. The root cause of the vulnerability is the lack of validation of values returned by WOPU providers, causing the server to respond to any request without additional checks.

EPSS 0.47% · 36.9th percentile

Risk Scores

CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.47%
36.9th percentile

Affected Products

VendorProductVersions
MicrosoftMicrosoft Exchange Server Subscription Edition RTM (Build: 15.02.2562.043)
MicrosoftMicrosoft Exchange Server 2016
MicrosoftMicrosoft Exchange Server 2019

Timeline

  • Jun 9, 2026 CVE Published
  • Jun 10, 2026 Coalition ESS Score
  • Jun 10, 2026 Security Advisory
  • Jun 15, 2026 Security Advisory
  • Jun 15, 2026 CVE Updated
  • Jun 30, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›