Microsoft Exchange InterceptorSmtpAgent Reliance on Untrusted Inputs Security Feature Bypass Vulnerability

A medium-severity vulnerability in Microsoft Exchange (CVE-2026-21527) allows unauthenticated remote attackers to bypass a security feature without requiring credentials. The exploitation could enable attackers to circumvent existing security controls, though the moderate CVSS score of 5.3 suggests limited direct impact. Security teams should prioritize patching Microsoft Exchange systems and monitor for any exploit activity targeting this bypass mechanism in their environments.