Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from Vendor (microsoft) · only source for this CVE.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
AnalysisAI
Arbitrary code execution in Microsoft Office Excel arises from a use-after-free (CWE-416) memory-corruption flaw affecting Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, Office for Mac, and Office Online Server. The CVSS 3.1 vector (AV:L/UI:R) makes this a user-interaction-dependent, locally-scoped issue: a victim must open a maliciously crafted Excel workbook, after which the attacker gains code execution in the user's security context. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Recommended ActionAI
Within 24 hours: Identify all systems running affected Office versions (Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, Office for Mac, Office Online Server) and communicate urgency to IT and users. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Arbitrary code execution in Microsoft PowerPoint (and the broader Microsoft Office/365 suite on Windows and macOS) arise
Local code execution in Microsoft Office PowerPoint (including Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, a
Local code execution in Microsoft Office PowerPoint (CWE-122 heap-based buffer overflow) lets an unauthorized attacker r
Local code execution in Microsoft Word (Office 2016/2019, Microsoft 365 Apps, Office LTSC 2021/2024) arises from a heap-
Local code execution in Microsoft Office Word (CWE-416 use-after-free) allows an unauthorized attacker to run arbitrary
Local code execution in Microsoft Office Word (Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Word 2016, and the macOS
Local code execution in Microsoft Word (part of Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, and Office for M
Arbitrary code execution in Microsoft Office Word (and the broader Office/365/SharePoint family) arises from a stack-bas
Local code execution in Microsoft Office Word (via a stack-based buffer overflow, CWE-121) lets an attacker run arbitrar
Local code execution in Microsoft Word (and the wider Microsoft Office / Microsoft 365 Apps family) lets an unauthorized
Local code execution in Microsoft Word (and Office/SharePoint components that render Word content) stems from an integer
Local code execution in Microsoft Office Word (across Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Office for Mac, an
Same weakness CWE-416 – Use After Free
View allSame technique Use After Free
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44227
GHSA-wj9r-qhp4-vhvp