{"uuid": "e2f92f42-a01b-4d85-987f-da7d0f20dab9", "vulnerability": {"vulnId": "CVE-2022-41082", "altId": []}, "gcve": {"origin_uuid": "caeb2787-0d58-4236-9039-7c86c3e566f3", "gna": 1, "object_uuid": "e2f92f42-a01b-4d85-987f-da7d0f20dab9"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2022-09-30T00:00:00+00:00"}, "characteristics": {}, "timestamps": {"asserted_at": "2022-09-30T00:00:00Z", "recorded_at": "2026-06-19T12:44:49Z", "first_seen_at": "2022-09-30T00:00:00Z"}, "scope": {"notes": "KEVIntel entry: Microsoft Exchange Server Remote Code Execution Vulnerability | Affected: Microsoft / Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2016 Cumulative Update 23 | CVSS: 8.0 (HIGH) | EPSS: 0.99964 | Used in malware: yes | Not yet in CISA KEV: False"}, "evidence": [{"type": "public_report", "source": "kevintel", "signal": "confirmed_compromise", "confidence": 0.7, "details": {"feed": "KEVIntel (kevintel.com)", "title": "Microsoft Exchange Server Remote Code Execution Vulnerability", "vendor": "Microsoft", "product": "Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2016 Cumulative Update 23", "added_date": "2022-09-30T00:00:00.000Z", "cvss_score": 8.0, "epss_score": 0.99964, "cvss_severity": "HIGH", "epss_percentile": 0.99976, "used_in_malware": "yes", "ahead_of_cisa_kev": null, "not_yet_in_cisa_kev": false}}], "references": [{"id": "CVE-2022-41082", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41082"}, {"id": "kevintel", "url": "https://kevintel.com/vuln/CVE-2022-41082"}]}