A newly disclosed vulnerability, CVE-2026-42897, is being actively exploited against on-premises Microsoft Exchange Server, posing a significant threat to affected organizations. The spoofing bug, which stems from a cross-site scripting flaw, carries a CVSS score of 8.1, indicating high severity. It was discovered and reported by an anonymous researcher, and Microsoft has acknowledged both the vulnerability and its active exploitation in the wild. The flaw can be triggered by a crafted email, allowing an attacker to exploit it and potentially gain unauthorized access to sensitive information. As the exploitation status of CVE-2026-42897 continues to evolve, Microsoft is closely monitoring the situation to determine the appropriate course of action. The vulnerability matters to security practitioners because it underlines the need for prompt patching or close monitoring to prevent potential attacks, particularly in environments where on-premises Exchange Servers are deployed.