[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-21529":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-22T10:18:55.356Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":31,"aliases":32,"duplicate_of":9,"upstream":33,"downstream":34,"duplicates":35,"related":36,"reserved_at":9,"published_at":37,"modified_at":38,"state":39,"summary":40,"references_raw":49,"kevs":68,"epss":79,"epss_history":82,"metrics":337,"affected":346},"CVE-2023-21529","Microsoft Exchange Server Remote Code Execution Vulnerability",null,[11,18],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],{"_key":19,"id":19,"name":20,"description":21,"type":22,"status":23,"abstraction":24,"likelihood_of_exploit":25,"capec":26},"CWE-502","Deserialization of Untrusted Data","The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.","weakness","Draft","Base","Medium",[27],{"id":28,"name":29,"techniques":30},"CAPEC-586","Object Injection",[],[],[],[],[],[],[],"2023-02-14T19:33:00.590Z","2026-04-14T03:55:24.065Z","Analyzed",{"cisa_kev":41,"cisa_ransomware":41,"cisa_vendor":42,"epss_severity":43,"epss_score":44,"severity":43,"severity_score":45,"severity_version":46,"severity_source":47,"severity_vector":48,"severity_status":39},true,"Microsoft","high",0.28939,8.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",[50,57,62],{"url":51,"sources":52,"tags":54},"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21529",[47,53],"nvd",[55,56],"Vendor Advisory","Patch",{"url":58,"sources":59,"tags":60},"https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/",[47,53],[55,61],"Technical Description",{"url":63,"sources":64,"tags":65},"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-21529",[47,53],[66,67],"Government Resource","US Government Resource",[69],{"source":70,"vendor":42,"product":71,"date_added":72,"vulnerability_name":73,"short_description":74,"required_action":75,"due_date":76,"known_ransomware_campaign_use":77,"notes":78,"exploitation_type":9},"cisa","Exchange Server","2026-04-13","Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability","Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.","Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","2026-04-27","Known","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21529 ; https://nvd.nist.gov/vuln/detail/CVE-2023-21529",{"date":80,"score":44,"percentile":81},"2026-04-21",0.9658,[83,87,90,93,96,99,103,105,108,111,113,116,118,120,122,126,129,132,135,138,140,142,145,148,151,154,157,159,162,164,166,169,172,174,177,180,183,186,190,193,196,198,201,204,207,210,212,214,216,218,221,224,227,230,233,237,240,243,246,249,252,255,258,261,264,266,269,271,274,277,281,283,286,288,291,294,297,299,302,304,307,310,313,316,319,322,325,329,332,334],{"date":84,"score":85,"percentile":86},"2025-11-04",0.14582,0.94172,{"date":88,"score":85,"percentile":89},"2025-11-05",0.94171,{"date":91,"score":85,"percentile":92},"2025-11-06",0.94173,{"date":94,"score":85,"percentile":95},"2025-11-07",0.94177,{"date":97,"score":85,"percentile":98},"2025-11-08",0.94179,{"date":100,"score":101,"percentile":102},"2025-11-09",0.18436,0.94959,{"date":104,"score":101,"percentile":102},"2025-11-10",{"date":106,"score":101,"percentile":107},"2025-11-11",0.94961,{"date":109,"score":101,"percentile":110},"2025-11-12",0.94963,{"date":112,"score":101,"percentile":110},"2025-11-13",{"date":114,"score":101,"percentile":115},"2025-11-14",0.94964,{"date":117,"score":101,"percentile":102},"2025-11-15",{"date":119,"score":101,"percentile":110},"2025-11-16",{"date":121,"score":101,"percentile":115},"2025-11-17",{"date":123,"score":124,"percentile":125},"2025-11-18",0.38515,0.97063,{"date":127,"score":124,"percentile":128},"2025-11-19",0.97064,{"date":130,"score":124,"percentile":131},"2025-11-20",0.97066,{"date":133,"score":101,"percentile":134},"2025-11-21",0.94972,{"date":136,"score":101,"percentile":137},"2025-11-22",0.94971,{"date":139,"score":101,"percentile":134},"2025-11-23",{"date":141,"score":101,"percentile":134},"2025-11-24",{"date":143,"score":101,"percentile":144},"2025-11-25",0.94975,{"date":146,"score":101,"percentile":147},"2025-11-26",0.94976,{"date":149,"score":101,"percentile":150},"2025-11-27",0.94979,{"date":152,"score":101,"percentile":153},"2025-11-28",0.94977,{"date":155,"score":101,"percentile":156},"2025-11-29",0.94982,{"date":158,"score":101,"percentile":150},"2025-11-30",{"date":160,"score":101,"percentile":161},"2025-12-01",0.95026,{"date":163,"score":101,"percentile":161},"2025-12-02",{"date":165,"score":101,"percentile":161},"2025-12-03",{"date":167,"score":101,"percentile":168},"2025-12-04",0.94981,{"date":170,"score":101,"percentile":171},"2025-12-05",0.94985,{"date":173,"score":101,"percentile":171},"2025-12-06",{"date":175,"score":101,"percentile":176},"2025-12-07",0.94991,{"date":178,"score":101,"percentile":179},"2025-12-08",0.94989,{"date":181,"score":101,"percentile":182},"2025-12-09",0.94993,{"date":184,"score":101,"percentile":185},"2025-12-10",0.94999,{"date":187,"score":188,"percentile":189},"2025-12-11",0.20264,0.95303,{"date":191,"score":188,"percentile":192},"2025-12-12",0.95305,{"date":194,"score":188,"percentile":195},"2025-12-13",0.95306,{"date":197,"score":188,"percentile":189},"2025-12-14",{"date":199,"score":188,"percentile":200},"2025-12-15",0.95307,{"date":202,"score":188,"percentile":203},"2025-12-16",0.95309,{"date":205,"score":188,"percentile":206},"2025-12-17",0.9531,{"date":208,"score":188,"percentile":209},"2025-12-18",0.95314,{"date":211,"score":188,"percentile":209},"2025-12-19",{"date":213,"score":188,"percentile":209},"2025-12-20",{"date":215,"score":188,"percentile":209},"2025-12-21",{"date":217,"score":188,"percentile":209},"2025-12-22",{"date":219,"score":188,"percentile":220},"2025-12-23",0.95313,{"date":222,"score":188,"percentile":223},"2025-12-24",0.95318,{"date":225,"score":188,"percentile":226},"2025-12-25",0.95321,{"date":228,"score":188,"percentile":229},"2025-12-26",0.95323,{"date":231,"score":188,"percentile":232},"2025-12-27",0.95348,{"date":234,"score":235,"percentile":236},"2025-12-28",0.24748,0.95952,{"date":238,"score":235,"percentile":239},"2025-12-29",0.95953,{"date":241,"score":235,"percentile":242},"2025-12-30",0.95954,{"date":244,"score":235,"percentile":245},"2025-12-31",0.95959,{"date":247,"score":235,"percentile":248},"2026-01-01",0.95993,{"date":250,"score":235,"percentile":251},"2026-01-02",0.95988,{"date":253,"score":235,"percentile":254},"2026-01-03",0.95985,{"date":256,"score":235,"percentile":257},"2026-01-04",0.9595,{"date":259,"score":235,"percentile":260},"2026-01-05",0.95947,{"date":262,"score":235,"percentile":263},"2026-01-06",0.95948,{"date":265,"score":235,"percentile":263},"2026-01-07",{"date":267,"score":235,"percentile":268},"2026-01-08",0.95951,{"date":270,"score":235,"percentile":239},"2026-01-09",{"date":272,"score":235,"percentile":273},"2026-01-10",0.95958,{"date":275,"score":235,"percentile":276},"2026-01-11",0.95955,{"date":278,"score":279,"percentile":280},"2026-01-12",0.21307,0.95498,{"date":282,"score":279,"percentile":280},"2026-01-13",{"date":284,"score":279,"percentile":285},"2026-01-14",0.95504,{"date":287,"score":279,"percentile":285},"2026-01-15",{"date":289,"score":279,"percentile":290},"2026-01-16",0.95506,{"date":292,"score":279,"percentile":293},"2026-01-17",0.95508,{"date":295,"score":279,"percentile":296},"2026-01-18",0.95511,{"date":298,"score":279,"percentile":293},"2026-01-19",{"date":300,"score":279,"percentile":301},"2026-01-20",0.95509,{"date":303,"score":279,"percentile":296},"2026-01-21",{"date":305,"score":279,"percentile":306},"2026-01-22",0.95514,{"date":308,"score":279,"percentile":309},"2026-01-23",0.95519,{"date":311,"score":279,"percentile":312},"2026-01-24",0.95522,{"date":314,"score":279,"percentile":315},"2026-01-25",0.95525,{"date":317,"score":279,"percentile":318},"2026-01-26",0.95527,{"date":320,"score":279,"percentile":321},"2026-01-27",0.95526,{"date":323,"score":279,"percentile":324},"2026-01-28",0.95528,{"date":326,"score":327,"percentile":328},"2026-01-29",0.36675,0.9702,{"date":330,"score":327,"percentile":331},"2026-01-30",0.97021,{"date":333,"score":327,"percentile":331},"2026-01-31",{"date":335,"score":327,"percentile":336},"2026-02-01",0.97046,[338,343],{"source":47,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":339,"cvss_v4_0":9},{"baseScore":45,"baseSeverity":340,"vectorString":48,"impactScore":341,"exploitabilityScore":342},"HIGH",9.8,7.2,{"source":53,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":344,"cvss_v4_0":9},{"baseScore":45,"baseSeverity":340,"vectorString":345,"impactScore":341,"exploitabilityScore":342},"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[347,359,371,379,387],{"ecosystem":9,"name":71,"vendor":9,"product":71,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":348},[349,353,355,357],{"version":350,"is_range":351,"range_type":352,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2013:cumulative_update_23",false,"cpe",{"version":354,"is_range":351,"range_type":352,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2016:cumulative_update_23",{"version":356,"is_range":351,"range_type":352,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2019:cumulative_update_11",{"version":358,"is_range":351,"range_type":352,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2019:cumulative_update_12",{"ecosystem":9,"name":360,"vendor":361,"product":362,"cpe_part":363,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":364},"Microsoft Exchange Server 2013 Cumulative Update 23","microsoft","microsoft exchange server 2013 cumulative update 23","a",[365],{"version":366,"is_range":41,"range_type":47,"version_start":367,"version_start_type":368,"version_end":369,"version_end_type":370,"fixed_in":9},">= 15.00.0, \u003C 15.00.1497.047","15.00.0","including","15.00.1497.047","excluding",{"ecosystem":9,"name":372,"vendor":361,"product":373,"cpe_part":363,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":374},"Microsoft Exchange Server 2016 Cumulative Update 23","microsoft exchange server 2016 cumulative update 23",[375],{"version":376,"is_range":41,"range_type":47,"version_start":377,"version_start_type":368,"version_end":378,"version_end_type":370,"fixed_in":9},">= 15.01.0, \u003C 15.01.2507.021","15.01.0","15.01.2507.021",{"ecosystem":9,"name":380,"vendor":361,"product":381,"cpe_part":363,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":382},"Microsoft Exchange Server 2019 Cumulative Update 11","microsoft exchange server 2019 cumulative update 11",[383],{"version":384,"is_range":41,"range_type":47,"version_start":385,"version_start_type":368,"version_end":386,"version_end_type":370,"fixed_in":9},">= 15.02.0, \u003C 15.02.0986.041","15.02.0","15.02.0986.041",{"ecosystem":9,"name":388,"vendor":361,"product":389,"cpe_part":363,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":390},"Microsoft Exchange Server 2019 Cumulative Update 12","microsoft exchange server 2019 cumulative update 12",[391],{"version":392,"is_range":41,"range_type":47,"version_start":385,"version_start_type":368,"version_end":393,"version_end_type":370,"fixed_in":9},">= 15.02.0, \u003C 15.02.1118.025","15.02.1118.025"]