Patch tracker / Products / Microsoft Exchange Server 2019
Microsoft Exchange Server 2019: vulnerabilities and security updates
Every CVE affecting Microsoft Exchange Server 2019 and the Microsoft update (KB) that fixes it, ranked by real-world risk. Actively exploited (CISA KEV) first, then EPSS exploit probability, on top of CVSS severity.
CVEs
20
Updates (KBs)
25
Actively exploited (KEV)
1
Critical Severity
0
CVEs affecting Microsoft Exchange Server 2019
| CVE | Severity | CVSS | EPSS | Status |
|---|---|---|---|---|
| CVE-2026-42897 | High | 8.8 | 5.6% | KEV |
| CVE-2026-45500 | High | 8.8 | 5.6% | - |
| CVE-2026-45501 | High | 8.8 | 5.6% | - |
| CVE-2026-45502 | High | 8.8 | 5.6% | - |
| CVE-2026-45503 | High | 8.8 | 5.6% | - |
| CVE-2026-45504 | High | 8.8 | 5.6% | - |
| CVE-2026-45583 | High | 8.8 | 5.6% | - |
| CVE-2026-47631 | High | 8.8 | 5.6% | - |
| CVE-2025-53786 | High | 8.0 | 7.4% | - |
| CVE-2024-49040 | High | 7.5 | 7.8% | - |
| CVE-2025-53782 | High | 8.8 | 0.9% | - |
| CVE-2025-59249 | High | 8.8 | 0.9% | - |
| CVE-2025-59248 | High | 8.8 | 0.9% | - |
| CVE-2026-21527 | Medium | 6.5 | 7.7% | - |
| CVE-2025-33051 | High | 7.5 | 1.3% | - |
| CVE-2025-25005 | High | 7.5 | 1.3% | - |
| CVE-2025-25006 | High | 7.5 | 1.3% | - |
| CVE-2025-25007 | High | 7.5 | 1.3% | - |
| CVE-2025-64667 | High | 7.5 | 1.0% | - |
| CVE-2025-64666 | High | 7.5 | 1.0% | - |
Updates (KBs) for Microsoft Exchange Server 2019
| Update | Released | Severity | CVSS | EPSS | CVEs | Status |
|---|---|---|---|---|---|---|
| KB5094139 | 2026-06-09 | High | 8.8 | 5.6% | 8 | KEV |
| KB5094140 | 2026-06-09 | High | 8.8 | 5.6% | 8 | KEV |
| KB5094142 | 2026-06-09 | High | 8.8 | 5.6% | 8 | KEV |
| KB5094144 | 2026-06-09 | High | 8.8 | 5.6% | 8 | KEV |
| KB5047155 | 2025-08-12 | High | 8.0 | 7.4% | 1 | - |
| KB5050672 | 2025-08-12 | High | 8.0 | 7.4% | 1 | - |
| KB5050673 | 2025-08-12 | High | 8.0 | 7.4% | 1 | - |
| KB5050674 | 2025-08-12 | High | 8.0 | 7.4% | 1 | - |
| KB5049233 | 2024-11-12 | High | 7.5 | 7.8% | 1 | - |
| KB5066366 | 2025-10-14 | High | 8.8 | 0.9% | 3 | - |
| KB5066367 | 2025-10-14 | High | 8.8 | 0.9% | 3 | - |
| KB5066368 | 2025-10-14 | High | 8.8 | 0.9% | 3 | - |
| KB5066369 | 2025-10-14 | High | 8.8 | 0.9% | 3 | - |
| KB5074992 | 2026-02-10 | Medium | 6.5 | 7.7% | 1 | - |
| KB5074993 | 2026-02-10 | Medium | 6.5 | 7.7% | 1 | - |
| KB5074994 | 2026-02-10 | Medium | 6.5 | 7.7% | 1 | - |
| KB5074995 | 2026-02-10 | Medium | 6.5 | 7.7% | 1 | - |
| KB5063221 | 2025-08-12 | High | 7.5 | 1.3% | 4 | - |
| KB5063222 | 2025-08-12 | High | 7.5 | 1.3% | 4 | - |
| KB5063223 | 2025-08-12 | High | 7.5 | 1.3% | 4 | - |
| KB5063224 | 2025-08-12 | High | 7.5 | 1.3% | 4 | - |
| KB5071873 | 2025-12-09 | High | 7.5 | 1.0% | 2 | - |
| KB5071874 | 2025-12-09 | High | 7.5 | 1.0% | 2 | - |
| KB5071875 | 2025-12-09 | High | 7.5 | 1.0% | 2 | - |
| KB5071876 | 2025-12-09 | High | 7.5 | 1.0% | 2 | - |
Ranked across all products on the Microsoft patch tracker and the CVE and vulnerability management reference. Browse every product: product index.
