Patch tracker / Products / Microsoft Exchange Server 2016
Microsoft Exchange Server 2016: vulnerabilities and security updates
Every CVE affecting Microsoft Exchange Server 2016 and the Microsoft update (KB) that fixes it, ranked by real-world risk. Actively exploited (CISA KEV) first, then EPSS exploit probability, on top of CVSS severity.
CVEs
9
Updates (KBs)
17
Actively exploited (KEV)
0
Critical Severity
0
CVEs affecting Microsoft Exchange Server 2016
| CVE | Severity | CVSS | EPSS | Status |
|---|---|---|---|---|
| CVE-2025-53786 | High | 8.0 | 7.4% | - |
| CVE-2024-49040 | High | 7.5 | 7.8% | - |
| CVE-2026-21527 | Medium | 6.5 | 7.7% | - |
| CVE-2025-33051 | High | 7.5 | 1.3% | - |
| CVE-2025-25005 | High | 7.5 | 1.3% | - |
| CVE-2025-25006 | High | 7.5 | 1.3% | - |
| CVE-2025-25007 | High | 7.5 | 1.3% | - |
| CVE-2025-64667 | High | 7.5 | 1.0% | - |
| CVE-2025-64666 | High | 7.5 | 1.0% | - |
Updates (KBs) for Microsoft Exchange Server 2016
| Update | Released | Severity | CVSS | EPSS | CVEs | Status |
|---|---|---|---|---|---|---|
| KB5047155 | 2025-08-12 | High | 8.0 | 7.4% | 1 | - |
| KB5050672 | 2025-08-12 | High | 8.0 | 7.4% | 1 | - |
| KB5050673 | 2025-08-12 | High | 8.0 | 7.4% | 1 | - |
| KB5050674 | 2025-08-12 | High | 8.0 | 7.4% | 1 | - |
| KB5049233 | 2024-11-12 | High | 7.5 | 7.8% | 1 | - |
| KB5074992 | 2026-02-10 | Medium | 6.5 | 7.7% | 1 | - |
| KB5074993 | 2026-02-10 | Medium | 6.5 | 7.7% | 1 | - |
| KB5074994 | 2026-02-10 | Medium | 6.5 | 7.7% | 1 | - |
| KB5074995 | 2026-02-10 | Medium | 6.5 | 7.7% | 1 | - |
| KB5063221 | 2025-08-12 | High | 7.5 | 1.3% | 4 | - |
| KB5063222 | 2025-08-12 | High | 7.5 | 1.3% | 4 | - |
| KB5063223 | 2025-08-12 | High | 7.5 | 1.3% | 4 | - |
| KB5063224 | 2025-08-12 | High | 7.5 | 1.3% | 4 | - |
| KB5071873 | 2025-12-09 | High | 7.5 | 1.0% | 2 | - |
| KB5071874 | 2025-12-09 | High | 7.5 | 1.0% | 2 | - |
| KB5071875 | 2025-12-09 | High | 7.5 | 1.0% | 2 | - |
| KB5071876 | 2025-12-09 | High | 7.5 | 1.0% | 2 | - |
Ranked across all products on the Microsoft patch tracker and the CVE and vulnerability management reference. Browse every product: product index.
