Skip to main content

Severity by source

Vendor (microsoft) PRIMARY
MEDIUM
qualitative
NVD
3.3 LOW
AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Primary rating from Vendor (microsoft).

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

3
Severity Changed
Jul 16, 2026 - 16:22 NVD
MEDIUM LOW
CVSS changed
Jul 16, 2026 - 16:22 NVD
5.5 (MEDIUM) 3.3 (LOW)
CVE Published
Jul 14, 2026 - 17:08 cve.org
MEDIUM 5.5

DescriptionNVD

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Analysis

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-55033 HIGH
7.8 Jul 14

Local code execution in Microsoft Word (and Office/SharePoint components that render Word content) stems from an integer

CVE-2026-55038 HIGH
7.8 Jul 14

Arbitrary code execution in Microsoft Office Word (and the broader Office/365/SharePoint family) arises from a stack-bas

CVE-2026-55132 HIGH
7.8 Jul 14

Local code execution in Microsoft Word (part of Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, and Office for M

CVE-2026-55120 HIGH
7.8 Jul 14

Arbitrary code execution in Microsoft PowerPoint (and the broader Microsoft Office/365 suite on Windows and macOS) arise

CVE-2026-55123 HIGH
7.8 Jul 14

Local code execution in Microsoft Office PowerPoint (including Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, a

CVE-2026-55043 HIGH
7.8 Jul 14

Local code execution in Microsoft Office PowerPoint (CWE-122 heap-based buffer overflow) lets an unauthorized attacker r

CVE-2026-55127 HIGH
7.8 Jul 14

Local code execution in Microsoft Word (and the wider Microsoft Office / Microsoft 365 Apps family) lets an unauthorized

CVE-2026-55130 HIGH
7.8 Jul 14

Local code execution in Microsoft Word (Office 2016/2019, Microsoft 365 Apps, Office LTSC 2021/2024) arises from a heap-

CVE-2026-55128 HIGH
7.8 Jul 14

Local code execution in Microsoft Office Word (CWE-416 use-after-free) allows an unauthorized attacker to run arbitrary

CVE-2026-55134 HIGH
7.8 Jul 14

Local code execution in Microsoft Office Word (Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Word 2016, and the macOS

CVE-2026-55055 HIGH
7.8 Jul 14

Local code execution in Microsoft Office Word (via a stack-based buffer overflow, CWE-121) lets an attacker run arbitrar

CVE-2026-55032 HIGH
7.8 Jul 14

Local code execution in Microsoft Office Word (across Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Office for Mac, an

Share

EUVD-2026-44193 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy