Skip to main content

Microsoft Office 2016

27 CVEs product

Monthly

CVE-2026-55121 MEDIUM PATCH This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-56195 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office exposes sensitive memory contents to a local, unauthenticated attacker who can induce a user to open a malicious document. Affected products span the full current Office portfolio - Office 2016 through LTSC 2024 on both Windows and macOS - making the blast radius broad despite the local attack vector. No public exploit identified at time of analysis and SSVC classifies exploitation as none and not automatable, though the high confidentiality impact (C:H) and near-universal deployment of Office keep this a meaningful patching priority.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +6
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-56192 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-50665 HIGH PATCH Exploit Unlikely This Week

Information disclosure in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, and Office for Mac) arises from an out-of-bounds read (CWE-125) that lets an attacker who convinces a victim to open a crafted file read memory beyond an intended buffer boundary. Exploitation is local and requires user interaction, and there is no public exploit identified at time of analysis and no CISA KEV listing. Disclosed memory can leak sensitive data such as heap contents or pointer addresses useful for defeating ASLR in a follow-on exploit chain.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55139 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +6
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-55042 MEDIUM PATCH This Month

Uninitialized memory disclosure in Microsoft Office exposes sensitive data locally when a user interacts with a crafted document. The vulnerability, rooted in CWE-908 (Use of Uninitialized Resource), affects the full breadth of current Office deployments across Windows and macOS, including Office 2016 through LTSC 2024 and Microsoft 365 Apps for Enterprise. No public exploit code has been identified at time of analysis, and SSVC signals confirm no observed exploitation; however, the High confidentiality impact warrants prompt patching given Office's ubiquitous deployment footprint.

Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 Microsoft Office 2019 +5
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-55140 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, 365 Apps for Enterprise, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by getting a victim to open a maliciously crafted Office document. Rated CVSS 7.8 with high impact to confidentiality, integrity, and availability, exploitation requires user interaction but no prior authentication or privileges. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV, but Microsoft has released a patch via the MSRC update guide.

Heap Overflow Buffer Overflow Microsoft Microsoft 365 Apps For Enterprise Microsoft Office 2016 +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55056 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted document. The CVSS 3.1 score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high impact to confidentiality, integrity, and availability, meaning code runs in the context of the current user. No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available via MSRC.

Heap Overflow Buffer Overflow Microsoft Microsoft 365 Apps For Enterprise Microsoft Office 2016 +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55057 MEDIUM PATCH Exploit Unlikely This Month

Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.

Information Disclosure Microsoft Integer Overflow Microsoft 365 Apps For Enterprise Microsoft Office 2016 +6
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-55035 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-55129 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) triggered when a user opens a maliciously crafted document. Rated CVSS 7.8 (AV:L/UI:R), an attacker who convinces a victim to open a weaponized file can run arbitrary code in the context of the current user. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Heap Overflow Buffer Overflow Microsoft Microsoft 365 Apps For Enterprise Microsoft Office 2016 +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55049 HIGH PATCH NEWS Exploit Unlikely This Week

Local arbitrary code execution in Microsoft Office (Microsoft 365 Apps for Enterprise, Office 2016/2019, Office LTSC 2021/2024, and their macOS equivalents) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted Office document. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows the flaw requires user interaction but no prior privileges, yielding full high-impact compromise of confidentiality, integrity, and availability in the user's context. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation status is not currently confirmed.

Heap Overflow Buffer Overflow Microsoft Microsoft 365 Apps For Enterprise Microsoft Office 2016 +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55045 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, 365 Apps, and the macOS builds) stems from an out-of-bounds read in a file-parsing routine that lets a crafted document corrupt memory and run attacker-controlled code in the context of the current user. The same document-parsing components also affect SharePoint Enterprise Server 2016, SharePoint Server 2019, and the Subscription Edition. Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD VulDB
CVSS 3.1
8.4
EPSS
0.3%
CVE-2026-55047 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-55028 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-55027 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-55026 MEDIUM PATCH Exploit Unlikely This Month

Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.

Information Disclosure Microsoft Integer Overflow Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
6.2
EPSS
0.4%
CVE-2026-55125 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, Office for Mac, and SharePoint Server) arises from a heap-based buffer overflow (CWE-122) that an unauthorized attacker triggers when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high confidentiality, integrity, and availability impact, meaning successful exploitation yields full code execution in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the ubiquity of Office makes it a high-priority patch target.

Heap Overflow Buffer Overflow Microsoft Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55023 MEDIUM PATCH This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-55022 HIGH PATCH NEWS Exploit Unlikely This Week

Local arbitrary code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac 2021/2024) arises from a type-confusion flaw (CWE-843) that lets an attacker run code in the context of the current user when a victim opens a crafted file. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) reflecting local vector with required user interaction and high impact to confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available via MSRC.

Microsoft Memory Corruption Authentication Bypass Microsoft 365 Apps For Enterprise Microsoft Office 2016 +6
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-55018 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac) stems from a use-after-free memory corruption (CWE-416) that an attacker triggers when a victim opens a maliciously crafted document. Rated CVSS 7.8 with high confidentiality, integrity, and availability impact, exploitation requires user interaction but no prior authentication, letting an attacker run arbitrary code in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix, so patching should be prioritized during the normal Patch Tuesday cycle.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55017 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) arises from a heap-based buffer overflow that an attacker triggers when a victim opens a maliciously crafted Office document. Successful exploitation yields full confidentiality, integrity, and availability impact in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the ubiquity of Office and the low attack complexity make this a meaningful patch priority.

Heap Overflow Buffer Overflow Microsoft Microsoft 365 Apps For Enterprise Microsoft Office 2016 +3
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50467 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and Office for Mac 2021/2024) arises from a use-after-free memory corruption flaw that an attacker triggers by convincing a user to open a maliciously crafted Office document. Successful exploitation runs arbitrary code in the context of the current user, yielding full confidentiality, integrity, and availability impact on the host. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV; Microsoft has published a patch via MSRC.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50314 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and the macOS editions) arises from a use-after-free memory-corruption flaw (CWE-416) that lets an attacker run arbitrary code in the context of the current user after the victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high impact to confidentiality, integrity, and availability, and requires user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available via MSRC.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +7
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-50301 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (Microsoft 365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted Office document. Successful exploitation yields full code execution in the context of the current user, with high impact to confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; SSVC rates current exploitation as none.

Heap Overflow Buffer Overflow Microsoft Microsoft 365 Apps For Enterprise Microsoft Office 2016 +3
NVD VulDB
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-47290 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (including Microsoft 365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) stems from a use-after-free memory-corruption flaw (CWE-416). An attacker who convinces a user to open a specially crafted Office document can execute arbitrary code in the context of the current user, gaining full confidentiality, integrity, and availability impact. Exploitation requires user interaction (opening a malicious file) and there is no public exploit identified at time of analysis.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +4
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-56193 HIGH PATCH Exploit Unlikely This Week

Information disclosure in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, and Office for Mac) via an out-of-bounds read (CWE-125) lets an attacker leak sensitive memory contents when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.1 (AV:L/AC:L/PR:N/UI:R), reflecting local exploitation that requires user interaction but no prior authentication. Microsoft is the reporting source and has published a fix; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +6
NVD
CVSS 3.1
7.1
EPSS
0.4%
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure +11
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office exposes sensitive memory contents to a local, unauthenticated attacker who can induce a user to open a malicious document. Affected products span the full current Office portfolio - Office 2016 through LTSC 2024 on both Windows and macOS - making the blast radius broad despite the local attack vector. No public exploit identified at time of analysis and SSVC classifies exploitation as none and not automatable, though the high confidentiality impact (C:H) and near-universal deployment of Office keep this a meaningful patching priority.

Buffer Overflow Microsoft Information Disclosure +8
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure +11
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Information disclosure in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, and Office for Mac) arises from an out-of-bounds read (CWE-125) that lets an attacker who convinces a victim to open a crafted file read memory beyond an intended buffer boundary. Exploitation is local and requires user interaction, and there is no public exploit identified at time of analysis and no CISA KEV listing. Disclosed memory can leak sensitive data such as heap contents or pointer addresses useful for defeating ASLR in a follow-on exploit chain.

Buffer Overflow Microsoft Information Disclosure +8
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure +8
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Uninitialized memory disclosure in Microsoft Office exposes sensitive data locally when a user interacts with a crafted document. The vulnerability, rooted in CWE-908 (Use of Uninitialized Resource), affects the full breadth of current Office deployments across Windows and macOS, including Office 2016 through LTSC 2024 and Microsoft 365 Apps for Enterprise. No public exploit code has been identified at time of analysis, and SSVC signals confirm no observed exploitation; however, the High confidentiality impact warrants prompt patching given Office's ubiquitous deployment footprint.

Microsoft Information Disclosure Microsoft 365 Apps For Enterprise +7
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, 365 Apps for Enterprise, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by getting a victim to open a maliciously crafted Office document. Rated CVSS 7.8 with high impact to confidentiality, integrity, and availability, exploitation requires user interaction but no prior authentication or privileges. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV, but Microsoft has released a patch via the MSRC update guide.

Heap Overflow Buffer Overflow Microsoft +8
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted document. The CVSS 3.1 score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high impact to confidentiality, integrity, and availability, meaning code runs in the context of the current user. No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available via MSRC.

Heap Overflow Buffer Overflow Microsoft +8
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.

Information Disclosure Microsoft Integer Overflow +8
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure +11
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) triggered when a user opens a maliciously crafted document. Rated CVSS 7.8 (AV:L/UI:R), an attacker who convinces a victim to open a weaponized file can run arbitrary code in the context of the current user. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Heap Overflow Buffer Overflow Microsoft +8
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local arbitrary code execution in Microsoft Office (Microsoft 365 Apps for Enterprise, Office 2016/2019, Office LTSC 2021/2024, and their macOS equivalents) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted Office document. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows the flaw requires user interaction but no prior privileges, yielding full high-impact compromise of confidentiality, integrity, and availability in the user's context. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation status is not currently confirmed.

Heap Overflow Buffer Overflow Microsoft +8
NVD
EPSS 0% CVSS 8.4
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, 365 Apps, and the macOS builds) stems from an out-of-bounds read in a file-parsing routine that lets a crafted document corrupt memory and run attacker-controlled code in the context of the current user. The same document-parsing components also affect SharePoint Enterprise Server 2016, SharePoint Server 2019, and the Subscription Edition. Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis.

Buffer Overflow Microsoft Information Disclosure +11
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure +11
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure +11
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure +11
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH Exploit Unlikely This Month

Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.

Information Disclosure Microsoft Integer Overflow +11
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, Office for Mac, and SharePoint Server) arises from a heap-based buffer overflow (CWE-122) that an unauthorized attacker triggers when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high confidentiality, integrity, and availability impact, meaning successful exploitation yields full code execution in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the ubiquity of Office makes it a high-priority patch target.

Heap Overflow Buffer Overflow Microsoft +11
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure +11
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local arbitrary code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac 2021/2024) arises from a type-confusion flaw (CWE-843) that lets an attacker run code in the context of the current user when a victim opens a crafted file. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) reflecting local vector with required user interaction and high impact to confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available via MSRC.

Microsoft Memory Corruption Authentication Bypass +8
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac) stems from a use-after-free memory corruption (CWE-416) that an attacker triggers when a victim opens a maliciously crafted document. Rated CVSS 7.8 with high confidentiality, integrity, and availability impact, exploitation requires user interaction but no prior authentication, letting an attacker run arbitrary code in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix, so patching should be prioritized during the normal Patch Tuesday cycle.

Use After Free Memory Corruption Denial Of Service +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) arises from a heap-based buffer overflow that an attacker triggers when a victim opens a maliciously crafted Office document. Successful exploitation yields full confidentiality, integrity, and availability impact in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the ubiquity of Office and the low attack complexity make this a meaningful patch priority.

Heap Overflow Buffer Overflow Microsoft +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and Office for Mac 2021/2024) arises from a use-after-free memory corruption flaw that an attacker triggers by convincing a user to open a maliciously crafted Office document. Successful exploitation runs arbitrary code in the context of the current user, yielding full confidentiality, integrity, and availability impact on the host. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV; Microsoft has published a patch via MSRC.

Use After Free Memory Corruption Denial Of Service +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and the macOS editions) arises from a use-after-free memory-corruption flaw (CWE-416) that lets an attacker run arbitrary code in the context of the current user after the victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high impact to confidentiality, integrity, and availability, and requires user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available via MSRC.

Use After Free Memory Corruption Denial Of Service +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (Microsoft 365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted Office document. Successful exploitation yields full code execution in the context of the current user, with high impact to confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; SSVC rates current exploitation as none.

Heap Overflow Buffer Overflow Microsoft +5
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (including Microsoft 365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) stems from a use-after-free memory-corruption flaw (CWE-416). An attacker who convinces a user to open a specially crafted Office document can execute arbitrary code in the context of the current user, gaining full confidentiality, integrity, and availability impact. Exploitation requires user interaction (opening a malicious file) and there is no public exploit identified at time of analysis.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 7.1
HIGH PATCH Exploit Unlikely This Week

Information disclosure in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, and Office for Mac) via an out-of-bounds read (CWE-125) lets an attacker leak sensitive memory contents when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.1 (AV:L/AC:L/PR:N/UI:R), reflecting local exploitation that requires user interaction but no prior authentication. Microsoft is the reporting source and has published a fix; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Buffer Overflow Microsoft Information Disclosure +8
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy