Tag
A critical missing authorization vulnerability, CVE-2026-48582, in Microsoft Exchange Online allows an already authenticated attacker to elevate their privileges over the network, potentially leading to unauthorized access to sensitive data or configuration changes within affected organizations.