NVD disclosure day

Published threat advisories for May 11, 2021

CVE advisoryKnown Exploit

CVE-2021-31207

Microsoft Exchange Server Security Feature Bypass Advisory

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

Microsoft Exchange Server has a security feature bypass vulnerability. This could allow an attacker to gain unauthorized access to systems and data. Organizations with affected Exchange Server versions face business risks including data compromise and operational disruption.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2021-31166

Windows HTTP Protocol Stack Remote Code Execution Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in the Windows HTTP Protocol Stack could allow attackers to run code remotely. This impacts systems processing HTTP requests, creating business risk through potential unauthorized access and service disruption. Organizations should apply vendor updates.

NVD published: • CISA KEV