Microsoft Office 2019
Monthly
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Out-of-bounds read in Microsoft Office exposes sensitive memory contents to a local, unauthenticated attacker who can induce a user to open a malicious document. Affected products span the full current Office portfolio - Office 2016 through LTSC 2024 on both Windows and macOS - making the blast radius broad despite the local attack vector. No public exploit identified at time of analysis and SSVC classifies exploitation as none and not automatable, though the high confidentiality impact (C:H) and near-universal deployment of Office keep this a meaningful patching priority.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Information disclosure in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, and Office for Mac) arises from an out-of-bounds read (CWE-125) that lets an attacker who convinces a victim to open a crafted file read memory beyond an intended buffer boundary. Exploitation is local and requires user interaction, and there is no public exploit identified at time of analysis and no CISA KEV listing. Disclosed memory can leak sensitive data such as heap contents or pointer addresses useful for defeating ASLR in a follow-on exploit chain.
Local code execution in Microsoft Office Excel (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) allows an attacker to run arbitrary code in the context of the current user when a victim opens a maliciously crafted spreadsheet. The flaw stems from use of an uninitialized resource (CWE-908) and carries a CVSS 7.8; it requires user interaction (opening the file) and no prior privileges. No public exploit identified at time of analysis, and it is not listed in CISA KEV, but a vendor patch is available.
Local code execution in Microsoft Excel (Office 2016 through Office LTSC 2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) allows an attacker to run arbitrary code when a victim opens a maliciously crafted spreadsheet. The flaw is a heap-based buffer overflow (CWE-122) triggered during file parsing, giving full confidentiality, integrity, and availability impact in the user's context. No public exploit identified at time of analysis, and it is not listed in CISA KEV, so exploitation currently appears theoretical rather than active.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Arbitrary code execution in Microsoft Office Excel arises from a use-after-free (CWE-416) memory-corruption flaw affecting Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, Office for Mac, and Office Online Server. The CVSS 3.1 vector (AV:L/UI:R) makes this a user-interaction-dependent, locally-scoped issue: a victim must open a maliciously crafted Excel workbook, after which the attacker gains code execution in the user's security context. No public exploit is identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available.
Arbitrary code execution in Microsoft PowerPoint (and the broader Microsoft Office/365 suite on Windows and macOS) arises from a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted presentation file. An attacker who cannot log in to the target can still run code in the context of the current user by convincing that user to open the booby-trapped file, giving full confidentiality, integrity, and availability impact on the affected host. Microsoft has released a patch; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Local code execution in Microsoft Office PowerPoint (including Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, and their macOS variants) arises from a heap-based buffer overflow triggered when a victim opens a maliciously crafted presentation file. Successful exploitation runs attacker-controlled code with the privileges of the current user, yielding full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, but Microsoft has released a patch.
Local code execution in Microsoft Office PowerPoint (CWE-122 heap-based buffer overflow) lets an unauthorized attacker run arbitrary code when a victim opens a maliciously crafted presentation file. The flaw affects a broad Office footprint - PowerPoint 2016, Office 2019, Office LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and multiple Office for Mac builds - and requires user interaction (opening the file) but no prior privileges. A vendor patch is available via MSRC; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Uninitialized memory disclosure in Microsoft Office exposes sensitive data locally when a user interacts with a crafted document. The vulnerability, rooted in CWE-908 (Use of Uninitialized Resource), affects the full breadth of current Office deployments across Windows and macOS, including Office 2016 through LTSC 2024 and Microsoft 365 Apps for Enterprise. No public exploit code has been identified at time of analysis, and SSVC signals confirm no observed exploitation; however, the High confidentiality impact warrants prompt patching given Office's ubiquitous deployment footprint.
Local code execution in Microsoft Word (Office 2016/2019, Microsoft 365 Apps, Office LTSC 2021/2024) arises from a heap-based buffer overflow triggered when a victim opens a maliciously crafted document. An attacker who convinces a user to open a booby-trapped file can run arbitrary code in that user's context, achieving full compromise of confidentiality, integrity, and availability on the host. No public exploit identified at time of analysis and the flaw is not listed in CISA KEV, though a vendor patch is available per Microsoft's MSRC advisory.
Local code execution in Microsoft Office Word (CWE-416 use-after-free) allows an unauthorized attacker to run arbitrary code in the context of the current user when a victim opens a maliciously crafted document. The flaw affects a broad Office footprint including Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024 (Windows and Mac), and related SharePoint Server products that process Word documents. Microsoft has released a patch; no public exploit has been identified at time of analysis, and neither KEV nor EPSS/POC signals were provided in the input.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, 365 Apps for Enterprise, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by getting a victim to open a maliciously crafted Office document. Rated CVSS 7.8 with high impact to confidentiality, integrity, and availability, exploitation requires user interaction but no prior authentication or privileges. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV, but Microsoft has released a patch via the MSRC update guide.
Numeric truncation error in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted document. The CVSS 3.1 score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high impact to confidentiality, integrity, and availability, meaning code runs in the context of the current user. No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available via MSRC.
Local code execution in Microsoft Office Word (Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Word 2016, and the macOS builds) arises from a stack-based buffer overflow triggered when a victim opens a maliciously crafted document. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows an unauthenticated attacker needs no privileges but does require user interaction, and successful exploitation yields full confidentiality, integrity, and availability impact in the user's security context. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a patch.
Arbitrary code execution in Microsoft Office Excel arises from a heap-based buffer overflow (CWE-122) that an attacker triggers when a victim opens a maliciously crafted spreadsheet, running code in the security context of the current user. The flaw spans a broad Office footprint including Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the macOS Office editions, and Office Online Server. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; the CVSS 7.8 rating reflects high impact gated by required user interaction.
Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.
Information disclosure in Microsoft Office Excel (2016, Office 2019, LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) lets an attacker read out-of-bounds memory when a victim opens a maliciously crafted spreadsheet, potentially leaking sensitive process data such as memory contents, pointers, or credentials. Rated CVSS 7.1 with a local attack vector requiring user interaction, the flaw stems from a CWE-125 out-of-bounds read in Excel's file parser. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the ubiquity of Excel and Microsoft's confirmed patch make prompt patching important.
Local code execution in Microsoft Excel arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by luring a victim into opening a maliciously crafted spreadsheet, yielding attacker code in the user's security context. It affects a broad Office family including Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the macOS editions, and Office Online Server. The CVSS 3.1 base score is 7.8 and the vector requires user interaction (UI:R); there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local code execution in Microsoft Office Excel (across Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, Office for Mac, and Office Online Server) stems from a heap-based buffer overflow (CWE-122) that an attacker triggers when a victim opens a maliciously crafted spreadsheet. Rated CVSS 7.8 with no privileges required but mandatory user interaction, successful exploitation yields full confidentiality, integrity, and availability impact in the context of the victim user. There is no public exploit identified at time of analysis and it is not on the CISA KEV list, but Microsoft has released a patch.
Local code execution in Microsoft Word (part of Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, and Office for Mac) stems from a double free of heap memory (CWE-415) that lets an unauthorized attacker run arbitrary code when a victim opens a malicious document. The flaw was reported by Microsoft, carries CVSS 7.8, and a vendor patch is available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation requires the target to open a crafted file (UI:R), it is a user-interaction-gated client-side RCE rather than a remotely-triggerable service bug.
Arbitrary code execution in Microsoft Office Word (and the broader Office/365/SharePoint family) arises from a stack-based buffer overflow (CWE-121) that an attacker triggers when a victim opens a maliciously crafted document. The CVSS 3.1 vector (AV:L/UI:R) confirms this is a file-borne, local-context flaw requiring the user to open attacker-supplied content, yielding full confidentiality, integrity, and availability impact in the user's session. No public exploit identified at time of analysis, and it is not listed in CISA KEV; Microsoft has released a patch via MSRC.
Local code execution in Microsoft Office Excel (Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, Office for Mac, Office Online Server) arises from an out-of-bounds read (CWE-125) that an attacker weaponizes by luring a victim into opening a crafted spreadsheet, yielding code execution in the user's security context. The flaw carries a CVSS 7.8 (AV:L/AC:L/PR:N/UI:R) and requires no privileges but does require user interaction. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Arbitrary code execution in Microsoft Excel (spanning Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, Office for Mac, and Office Online Server) allows an unauthorized attacker to run code in the victim's context by tricking them into opening a maliciously crafted spreadsheet. The flaw is a heap-based buffer overflow (CWE-122) that executes with the local user's privileges once the file is opened. Microsoft has released a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
Local code execution in Microsoft Office Word (via a stack-based buffer overflow, CWE-121) lets an attacker run arbitrary code in the context of the user who opens a maliciously crafted document. The flaw affects Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024 (including Mac editions), and the Word component shared with SharePoint Server 2016/2019/Subscription Edition. No public exploit identified at time of analysis, and it is not listed in CISA KEV; exploitation requires the victim to open the attacker's file (UI:R).
Local code execution in Microsoft Excel (Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, Office for Mac, and Office Online Server) arises from an out-of-bounds read (CWE-125) triggered when a victim opens a maliciously crafted spreadsheet. CVSS 7.8 with high impact to confidentiality, integrity, and availability; no public exploit identified at time of analysis. Exploitation requires user interaction (opening the file) but no prior authentication or privileges on the target beyond the ability to induce the user to open the document.
Local arbitrary code execution in Microsoft Excel arises from a buffer over-read (CWE-126) triggered when a victim opens a maliciously crafted spreadsheet, letting an attacker run code in the context of the current user. The flaw spans Office 2016/2019, Microsoft 365 Apps, Office LTSC 2021/2024 (Windows and Mac) and Office Online Server; a vendor patch is available via MSRC. No public exploit has been identified at time of analysis, and the CVSS 7.8 (AV:L/UI:R) rating reflects that user interaction is required.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) triggered when a user opens a maliciously crafted document. Rated CVSS 7.8 (AV:L/UI:R), an attacker who convinces a victim to open a weaponized file can run arbitrary code in the context of the current user. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local code execution in Microsoft Excel (and the broader Office 2016/2019/LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server family) results from a stack-based buffer overflow triggered when a victim opens a maliciously crafted spreadsheet. An attacker who convinces a user to open a booby-trapped file can run arbitrary code in the context of that user, with full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and it is not on CISA KEV, but the ubiquity of Excel and Microsoft's own advisory make this a routine patch-Tuesday-class priority.
Arbitrary local code execution in Microsoft Office Excel (spanning Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the Office for Mac editions, and Office Online Server) lets an attacker run code in the current user's context when a victim opens a maliciously crafted spreadsheet. The flaw is an untrusted pointer dereference (CWE-822) triggered during file parsing; it requires user interaction but no prior privileges. No public exploit is identified at time of analysis, and a vendor patch is available from Microsoft (MSRC).
Local code execution in Microsoft Word (and the wider Microsoft Office / Microsoft 365 Apps family) lets an unauthorized attacker run arbitrary code when a victim opens a maliciously crafted Word document that triggers a heap-based buffer overflow. All impacted SKUs - Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, the macOS Office builds, and SharePoint Server (which renders Office documents server-side) - are affected, and Microsoft has released a patch. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Improper validation of specified type of input in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Untrusted pointer dereference (CWE-822) in Microsoft Excel allows a local attacker to disclose sensitive memory contents when a victim opens a specially crafted workbook. The flaw affects a broad swath of Microsoft Office product lines - from Excel 2016 through Office LTSC 2024 and their Mac counterparts - as confirmed by CPE enumeration. No public exploit code or active exploitation has been identified at time of analysis; SSVC rates exploitation as none and technical impact as partial, placing this in the moderate real-world priority tier despite the C:H CVSS rating.
Local code execution in Microsoft Excel (and the broader Office family including Microsoft 365 Apps for Enterprise, Office 2019/2021/2024 LTSC, Office for Mac, and Office Online Server) stems from a heap-based buffer overflow that triggers when a user opens a maliciously crafted spreadsheet. The CVSS vector (AV:L/AC:L/PR:N/UI:R) indicates an unauthenticated attacker gains full code execution in the victim's context but only after the target opens the file. No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available from Microsoft (MSRC CVE-2026-55041).
Local code execution in Microsoft Word (and Office/SharePoint components that render Word content) stems from an integer overflow in the file-parsing path, letting an attacker who convinces a victim to open a crafted document run arbitrary code with the victim's privileges. It affects a broad Office footprint including Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, the macOS editions, and SharePoint Server 2016/2019/Subscription Edition. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the 7.8 CVSS and Word's ubiquity make it a routine priority patch.
Local code execution in Microsoft Office Word (across Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Office for Mac, and Word 2016) allows an attacker to run arbitrary code by exploiting a use-after-free memory corruption flaw when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 with a local attack vector requiring user interaction; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV. Microsoft, which reported the issue itself, has released a patch.
Local arbitrary code execution in Microsoft Office (Microsoft 365 Apps for Enterprise, Office 2016/2019, Office LTSC 2021/2024, and their macOS equivalents) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted Office document. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows the flaw requires user interaction but no prior privileges, yielding full high-impact compromise of confidentiality, integrity, and availability in the user's context. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation status is not currently confirmed.
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, 365 Apps, and the macOS builds) stems from an out-of-bounds read in a file-parsing routine that lets a crafted document corrupt memory and run attacker-controlled code in the context of the current user. The same document-parsing components also affect SharePoint Enterprise Server 2016, SharePoint Server 2019, and the Subscription Edition. Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis.
Local code execution in Microsoft Excel (and the broader Office suite through Microsoft 365 Apps, Office 2019/2021/2024 LTSC, Office for Mac, and Office Online Server) arises from an integer underflow (CWE-191) in Excel's file parsing, letting an attacker run arbitrary code in the context of the user who opens a maliciously crafted spreadsheet. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows no attacker privileges are needed but the victim must open the file, giving full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Arbitrary code execution in Microsoft Excel (across Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, Office for Mac, and Office Online Server) arises from a heap-based buffer overflow (CWE-122) that triggers when a victim opens a maliciously crafted spreadsheet. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) confirms this is a local, user-interaction-dependent file-format attack rather than a remote network exploit, yielding code execution in the context of the current user. No public exploit has been identified at time of analysis, and the CVE is not listed in CISA KEV; a Microsoft patch is available.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Excel (spanning Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the macOS Office builds, and Office Online Server) arises from an integer overflow (CWE-190) triggered when the application parses a maliciously crafted spreadsheet. An unauthorized attacker who convinces a victim to open a booby-trapped file can run arbitrary code in the context of the current user, with full confidentiality, integrity, and availability impact per the 7.8 CVSS vector. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office Excel (spanning Excel 2016, Office 2019, Office LTSC 2021/2024, Microsoft 365 Apps for Enterprise, the macOS builds, and Office Online Server) arises from an out-of-bounds read (CWE-125) that an attacker triggers by convincing a user to open a maliciously crafted workbook. The CVSS 3.1 base score is 7.8 with high confidentiality, integrity, and availability impact, but exploitation requires user interaction (opening the file) and no active exploitation or public proof-of-concept has been reported. There is no public exploit identified at time of analysis; Microsoft has released a patch via its Security Update Guide.
Local code execution in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, Office for Mac, and SharePoint Server) arises from a heap-based buffer overflow (CWE-122) that an unauthorized attacker triggers when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high confidentiality, integrity, and availability impact, meaning successful exploitation yields full code execution in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the ubiquity of Office makes it a high-priority patch target.
Local code execution in Microsoft Excel (Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Office for Mac, and Office Online Server) arises from a type-confusion flaw (CWE-843) in how Excel parses spreadsheet content. An attacker who convinces a victim to open a malicious workbook can run arbitrary code in the context of the current user, gaining high confidentiality, integrity, and availability impact. Reported by Microsoft with a patch available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Local arbitrary code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac 2021/2024) arises from a type-confusion flaw (CWE-843) that lets an attacker run code in the context of the current user when a victim opens a crafted file. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) reflecting local vector with required user interaction and high impact to confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available via MSRC.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac) stems from a use-after-free memory corruption (CWE-416) that an attacker triggers when a victim opens a maliciously crafted document. Rated CVSS 7.8 with high confidentiality, integrity, and availability impact, exploitation requires user interaction but no prior authentication, letting an attacker run arbitrary code in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix, so patching should be prioritized during the normal Patch Tuesday cycle.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Excel (Office 2016 through LTSC 2024, Microsoft 365 Apps, and Mac editions) allows an attacker to run arbitrary code by tricking a user into opening a maliciously crafted spreadsheet that triggers a type-confusion condition in Excel's file parser. The CVSS 3.1 score is 7.8 (High) with the local vector reflecting file-open exploitation rather than remote-network access, and success requires user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local code execution in Microsoft Office (365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) arises from a heap-based buffer overflow that an attacker triggers when a victim opens a maliciously crafted Office document. Successful exploitation yields full confidentiality, integrity, and availability impact in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the ubiquity of Office and the low attack complexity make this a meaningful patch priority.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and Office for Mac 2021/2024) arises from a use-after-free memory corruption flaw that an attacker triggers by convincing a user to open a maliciously crafted Office document. Successful exploitation runs arbitrary code in the context of the current user, yielding full confidentiality, integrity, and availability impact on the host. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV; Microsoft has published a patch via MSRC.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and the macOS editions) arises from a use-after-free memory-corruption flaw (CWE-416) that lets an attacker run arbitrary code in the context of the current user after the victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high impact to confidentiality, integrity, and availability, and requires user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available via MSRC.
Local code execution in Microsoft Office (Microsoft 365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted Office document. Successful exploitation yields full code execution in the context of the current user, with high impact to confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; SSVC rates current exploitation as none.
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office Excel (across Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, and their macOS equivalents) arises from a use-after-free (CWE-416) memory-corruption flaw triggered when a user opens a maliciously crafted spreadsheet. The CVSS vector (AV:L/AC:L/PR:N/UI:R) indicates an unauthenticated attacker can achieve full confidentiality, integrity, and availability impact but requires the victim to open a file, making it a classic phishing-delivered client-side bug. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, though Excel memory-corruption bugs are historically attractive targets.
Local code execution in Microsoft Office (including Microsoft 365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) stems from a use-after-free memory-corruption flaw (CWE-416). An attacker who convinces a user to open a specially crafted Office document can execute arbitrary code in the context of the current user, gaining full confidentiality, integrity, and availability impact. Exploitation requires user interaction (opening a malicious file) and there is no public exploit identified at time of analysis.
Local arbitrary code execution in Microsoft Excel arises from a heap-based buffer overflow (CWE-122) triggered when a user opens a maliciously crafted spreadsheet; successful exploitation runs attacker code in the context of the current user across desktop Office builds (Excel 2016, Office 2019, LTSC 2021/2024, Microsoft 365 Apps) on both Windows and Mac, as well as Office Online Server. The flaw carries CVSS 7.8 with high confidentiality, integrity, and availability impact but requires user interaction (opening the file). No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available from Microsoft.
Information disclosure in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, and Office for Mac) via an out-of-bounds read (CWE-125) lets an attacker leak sensitive memory contents when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.1 (AV:L/AC:L/PR:N/UI:R), reflecting local exploitation that requires user interaction but no prior authentication. Microsoft is the reporting source and has published a fix; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Local code execution in Microsoft Excel (2016, Office 2019, Office LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) arises from a use-after-free memory corruption (CWE-416) that an attacker triggers when a victim opens a maliciously crafted spreadsheet. Exploitation runs code in the context of the current user and requires user interaction (opening the file), with no public exploit identified at time of analysis. This is a locally-exploited, phishing-delivered class of bug typical of Office file-format handlers, patched by Microsoft via MSRC.
Local code execution in Microsoft Excel (and the broader Office family through Microsoft 365 Apps, Office 2019/2021/2024 LTSC, Office for Mac, and Office Online Server) arises from a stack-based buffer overflow (CWE-121) triggered when a user opens a maliciously crafted spreadsheet. An attacker who convinces a victim to open the file runs arbitrary code in the security context of the current user, with high impact to confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV; Microsoft has released a patch.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Excel (including Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted spreadsheet, letting an attacker run arbitrary code in the user's context. The CVSS 3.1 score is 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), reflecting that exploitation needs user interaction but no prior privileges once the file is opened. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; Microsoft has released a patch.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Out-of-bounds read in Microsoft Office exposes sensitive memory contents to a local, unauthenticated attacker who can induce a user to open a malicious document. Affected products span the full current Office portfolio - Office 2016 through LTSC 2024 on both Windows and macOS - making the blast radius broad despite the local attack vector. No public exploit identified at time of analysis and SSVC classifies exploitation as none and not automatable, though the high confidentiality impact (C:H) and near-universal deployment of Office keep this a meaningful patching priority.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Information disclosure in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, and Office for Mac) arises from an out-of-bounds read (CWE-125) that lets an attacker who convinces a victim to open a crafted file read memory beyond an intended buffer boundary. Exploitation is local and requires user interaction, and there is no public exploit identified at time of analysis and no CISA KEV listing. Disclosed memory can leak sensitive data such as heap contents or pointer addresses useful for defeating ASLR in a follow-on exploit chain.
Local code execution in Microsoft Office Excel (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) allows an attacker to run arbitrary code in the context of the current user when a victim opens a maliciously crafted spreadsheet. The flaw stems from use of an uninitialized resource (CWE-908) and carries a CVSS 7.8; it requires user interaction (opening the file) and no prior privileges. No public exploit identified at time of analysis, and it is not listed in CISA KEV, but a vendor patch is available.
Local code execution in Microsoft Excel (Office 2016 through Office LTSC 2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) allows an attacker to run arbitrary code when a victim opens a maliciously crafted spreadsheet. The flaw is a heap-based buffer overflow (CWE-122) triggered during file parsing, giving full confidentiality, integrity, and availability impact in the user's context. No public exploit identified at time of analysis, and it is not listed in CISA KEV, so exploitation currently appears theoretical rather than active.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Arbitrary code execution in Microsoft Office Excel arises from a use-after-free (CWE-416) memory-corruption flaw affecting Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, Office for Mac, and Office Online Server. The CVSS 3.1 vector (AV:L/UI:R) makes this a user-interaction-dependent, locally-scoped issue: a victim must open a maliciously crafted Excel workbook, after which the attacker gains code execution in the user's security context. No public exploit is identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available.
Arbitrary code execution in Microsoft PowerPoint (and the broader Microsoft Office/365 suite on Windows and macOS) arises from a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted presentation file. An attacker who cannot log in to the target can still run code in the context of the current user by convincing that user to open the booby-trapped file, giving full confidentiality, integrity, and availability impact on the affected host. Microsoft has released a patch; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Local code execution in Microsoft Office PowerPoint (including Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, and their macOS variants) arises from a heap-based buffer overflow triggered when a victim opens a maliciously crafted presentation file. Successful exploitation runs attacker-controlled code with the privileges of the current user, yielding full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, but Microsoft has released a patch.
Local code execution in Microsoft Office PowerPoint (CWE-122 heap-based buffer overflow) lets an unauthorized attacker run arbitrary code when a victim opens a maliciously crafted presentation file. The flaw affects a broad Office footprint - PowerPoint 2016, Office 2019, Office LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and multiple Office for Mac builds - and requires user interaction (opening the file) but no prior privileges. A vendor patch is available via MSRC; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Uninitialized memory disclosure in Microsoft Office exposes sensitive data locally when a user interacts with a crafted document. The vulnerability, rooted in CWE-908 (Use of Uninitialized Resource), affects the full breadth of current Office deployments across Windows and macOS, including Office 2016 through LTSC 2024 and Microsoft 365 Apps for Enterprise. No public exploit code has been identified at time of analysis, and SSVC signals confirm no observed exploitation; however, the High confidentiality impact warrants prompt patching given Office's ubiquitous deployment footprint.
Local code execution in Microsoft Word (Office 2016/2019, Microsoft 365 Apps, Office LTSC 2021/2024) arises from a heap-based buffer overflow triggered when a victim opens a maliciously crafted document. An attacker who convinces a user to open a booby-trapped file can run arbitrary code in that user's context, achieving full compromise of confidentiality, integrity, and availability on the host. No public exploit identified at time of analysis and the flaw is not listed in CISA KEV, though a vendor patch is available per Microsoft's MSRC advisory.
Local code execution in Microsoft Office Word (CWE-416 use-after-free) allows an unauthorized attacker to run arbitrary code in the context of the current user when a victim opens a maliciously crafted document. The flaw affects a broad Office footprint including Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024 (Windows and Mac), and related SharePoint Server products that process Word documents. Microsoft has released a patch; no public exploit has been identified at time of analysis, and neither KEV nor EPSS/POC signals were provided in the input.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, 365 Apps for Enterprise, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by getting a victim to open a maliciously crafted Office document. Rated CVSS 7.8 with high impact to confidentiality, integrity, and availability, exploitation requires user interaction but no prior authentication or privileges. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV, but Microsoft has released a patch via the MSRC update guide.
Numeric truncation error in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted document. The CVSS 3.1 score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high impact to confidentiality, integrity, and availability, meaning code runs in the context of the current user. No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available via MSRC.
Local code execution in Microsoft Office Word (Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Word 2016, and the macOS builds) arises from a stack-based buffer overflow triggered when a victim opens a maliciously crafted document. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows an unauthenticated attacker needs no privileges but does require user interaction, and successful exploitation yields full confidentiality, integrity, and availability impact in the user's security context. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a patch.
Arbitrary code execution in Microsoft Office Excel arises from a heap-based buffer overflow (CWE-122) that an attacker triggers when a victim opens a maliciously crafted spreadsheet, running code in the security context of the current user. The flaw spans a broad Office footprint including Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the macOS Office editions, and Office Online Server. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; the CVSS 7.8 rating reflects high impact gated by required user interaction.
Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.
Information disclosure in Microsoft Office Excel (2016, Office 2019, LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) lets an attacker read out-of-bounds memory when a victim opens a maliciously crafted spreadsheet, potentially leaking sensitive process data such as memory contents, pointers, or credentials. Rated CVSS 7.1 with a local attack vector requiring user interaction, the flaw stems from a CWE-125 out-of-bounds read in Excel's file parser. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the ubiquity of Excel and Microsoft's confirmed patch make prompt patching important.
Local code execution in Microsoft Excel arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by luring a victim into opening a maliciously crafted spreadsheet, yielding attacker code in the user's security context. It affects a broad Office family including Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the macOS editions, and Office Online Server. The CVSS 3.1 base score is 7.8 and the vector requires user interaction (UI:R); there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local code execution in Microsoft Office Excel (across Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, Office for Mac, and Office Online Server) stems from a heap-based buffer overflow (CWE-122) that an attacker triggers when a victim opens a maliciously crafted spreadsheet. Rated CVSS 7.8 with no privileges required but mandatory user interaction, successful exploitation yields full confidentiality, integrity, and availability impact in the context of the victim user. There is no public exploit identified at time of analysis and it is not on the CISA KEV list, but Microsoft has released a patch.
Local code execution in Microsoft Word (part of Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, and Office for Mac) stems from a double free of heap memory (CWE-415) that lets an unauthorized attacker run arbitrary code when a victim opens a malicious document. The flaw was reported by Microsoft, carries CVSS 7.8, and a vendor patch is available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation requires the target to open a crafted file (UI:R), it is a user-interaction-gated client-side RCE rather than a remotely-triggerable service bug.
Arbitrary code execution in Microsoft Office Word (and the broader Office/365/SharePoint family) arises from a stack-based buffer overflow (CWE-121) that an attacker triggers when a victim opens a maliciously crafted document. The CVSS 3.1 vector (AV:L/UI:R) confirms this is a file-borne, local-context flaw requiring the user to open attacker-supplied content, yielding full confidentiality, integrity, and availability impact in the user's session. No public exploit identified at time of analysis, and it is not listed in CISA KEV; Microsoft has released a patch via MSRC.
Local code execution in Microsoft Office Excel (Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, Office for Mac, Office Online Server) arises from an out-of-bounds read (CWE-125) that an attacker weaponizes by luring a victim into opening a crafted spreadsheet, yielding code execution in the user's security context. The flaw carries a CVSS 7.8 (AV:L/AC:L/PR:N/UI:R) and requires no privileges but does require user interaction. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Arbitrary code execution in Microsoft Excel (spanning Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, Office for Mac, and Office Online Server) allows an unauthorized attacker to run code in the victim's context by tricking them into opening a maliciously crafted spreadsheet. The flaw is a heap-based buffer overflow (CWE-122) that executes with the local user's privileges once the file is opened. Microsoft has released a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
Local code execution in Microsoft Office Word (via a stack-based buffer overflow, CWE-121) lets an attacker run arbitrary code in the context of the user who opens a maliciously crafted document. The flaw affects Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024 (including Mac editions), and the Word component shared with SharePoint Server 2016/2019/Subscription Edition. No public exploit identified at time of analysis, and it is not listed in CISA KEV; exploitation requires the victim to open the attacker's file (UI:R).
Local code execution in Microsoft Excel (Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, Office for Mac, and Office Online Server) arises from an out-of-bounds read (CWE-125) triggered when a victim opens a maliciously crafted spreadsheet. CVSS 7.8 with high impact to confidentiality, integrity, and availability; no public exploit identified at time of analysis. Exploitation requires user interaction (opening the file) but no prior authentication or privileges on the target beyond the ability to induce the user to open the document.
Local arbitrary code execution in Microsoft Excel arises from a buffer over-read (CWE-126) triggered when a victim opens a maliciously crafted spreadsheet, letting an attacker run code in the context of the current user. The flaw spans Office 2016/2019, Microsoft 365 Apps, Office LTSC 2021/2024 (Windows and Mac) and Office Online Server; a vendor patch is available via MSRC. No public exploit has been identified at time of analysis, and the CVSS 7.8 (AV:L/UI:R) rating reflects that user interaction is required.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) triggered when a user opens a maliciously crafted document. Rated CVSS 7.8 (AV:L/UI:R), an attacker who convinces a victim to open a weaponized file can run arbitrary code in the context of the current user. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local code execution in Microsoft Excel (and the broader Office 2016/2019/LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server family) results from a stack-based buffer overflow triggered when a victim opens a maliciously crafted spreadsheet. An attacker who convinces a user to open a booby-trapped file can run arbitrary code in the context of that user, with full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and it is not on CISA KEV, but the ubiquity of Excel and Microsoft's own advisory make this a routine patch-Tuesday-class priority.
Arbitrary local code execution in Microsoft Office Excel (spanning Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the Office for Mac editions, and Office Online Server) lets an attacker run code in the current user's context when a victim opens a maliciously crafted spreadsheet. The flaw is an untrusted pointer dereference (CWE-822) triggered during file parsing; it requires user interaction but no prior privileges. No public exploit is identified at time of analysis, and a vendor patch is available from Microsoft (MSRC).
Local code execution in Microsoft Word (and the wider Microsoft Office / Microsoft 365 Apps family) lets an unauthorized attacker run arbitrary code when a victim opens a maliciously crafted Word document that triggers a heap-based buffer overflow. All impacted SKUs - Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, the macOS Office builds, and SharePoint Server (which renders Office documents server-side) - are affected, and Microsoft has released a patch. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Improper validation of specified type of input in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Untrusted pointer dereference (CWE-822) in Microsoft Excel allows a local attacker to disclose sensitive memory contents when a victim opens a specially crafted workbook. The flaw affects a broad swath of Microsoft Office product lines - from Excel 2016 through Office LTSC 2024 and their Mac counterparts - as confirmed by CPE enumeration. No public exploit code or active exploitation has been identified at time of analysis; SSVC rates exploitation as none and technical impact as partial, placing this in the moderate real-world priority tier despite the C:H CVSS rating.
Local code execution in Microsoft Excel (and the broader Office family including Microsoft 365 Apps for Enterprise, Office 2019/2021/2024 LTSC, Office for Mac, and Office Online Server) stems from a heap-based buffer overflow that triggers when a user opens a maliciously crafted spreadsheet. The CVSS vector (AV:L/AC:L/PR:N/UI:R) indicates an unauthenticated attacker gains full code execution in the victim's context but only after the target opens the file. No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available from Microsoft (MSRC CVE-2026-55041).
Local code execution in Microsoft Word (and Office/SharePoint components that render Word content) stems from an integer overflow in the file-parsing path, letting an attacker who convinces a victim to open a crafted document run arbitrary code with the victim's privileges. It affects a broad Office footprint including Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, the macOS editions, and SharePoint Server 2016/2019/Subscription Edition. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the 7.8 CVSS and Word's ubiquity make it a routine priority patch.
Local code execution in Microsoft Office Word (across Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Office for Mac, and Word 2016) allows an attacker to run arbitrary code by exploiting a use-after-free memory corruption flaw when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 with a local attack vector requiring user interaction; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV. Microsoft, which reported the issue itself, has released a patch.
Local arbitrary code execution in Microsoft Office (Microsoft 365 Apps for Enterprise, Office 2016/2019, Office LTSC 2021/2024, and their macOS equivalents) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted Office document. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows the flaw requires user interaction but no prior privileges, yielding full high-impact compromise of confidentiality, integrity, and availability in the user's context. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation status is not currently confirmed.
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, 365 Apps, and the macOS builds) stems from an out-of-bounds read in a file-parsing routine that lets a crafted document corrupt memory and run attacker-controlled code in the context of the current user. The same document-parsing components also affect SharePoint Enterprise Server 2016, SharePoint Server 2019, and the Subscription Edition. Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis.
Local code execution in Microsoft Excel (and the broader Office suite through Microsoft 365 Apps, Office 2019/2021/2024 LTSC, Office for Mac, and Office Online Server) arises from an integer underflow (CWE-191) in Excel's file parsing, letting an attacker run arbitrary code in the context of the user who opens a maliciously crafted spreadsheet. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows no attacker privileges are needed but the victim must open the file, giving full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Arbitrary code execution in Microsoft Excel (across Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, Office for Mac, and Office Online Server) arises from a heap-based buffer overflow (CWE-122) that triggers when a victim opens a maliciously crafted spreadsheet. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) confirms this is a local, user-interaction-dependent file-format attack rather than a remote network exploit, yielding code execution in the context of the current user. No public exploit has been identified at time of analysis, and the CVE is not listed in CISA KEV; a Microsoft patch is available.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Excel (spanning Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the macOS Office builds, and Office Online Server) arises from an integer overflow (CWE-190) triggered when the application parses a maliciously crafted spreadsheet. An unauthorized attacker who convinces a victim to open a booby-trapped file can run arbitrary code in the context of the current user, with full confidentiality, integrity, and availability impact per the 7.8 CVSS vector. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office Excel (spanning Excel 2016, Office 2019, Office LTSC 2021/2024, Microsoft 365 Apps for Enterprise, the macOS builds, and Office Online Server) arises from an out-of-bounds read (CWE-125) that an attacker triggers by convincing a user to open a maliciously crafted workbook. The CVSS 3.1 base score is 7.8 with high confidentiality, integrity, and availability impact, but exploitation requires user interaction (opening the file) and no active exploitation or public proof-of-concept has been reported. There is no public exploit identified at time of analysis; Microsoft has released a patch via its Security Update Guide.
Local code execution in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, Office for Mac, and SharePoint Server) arises from a heap-based buffer overflow (CWE-122) that an unauthorized attacker triggers when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high confidentiality, integrity, and availability impact, meaning successful exploitation yields full code execution in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the ubiquity of Office makes it a high-priority patch target.
Local code execution in Microsoft Excel (Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Office for Mac, and Office Online Server) arises from a type-confusion flaw (CWE-843) in how Excel parses spreadsheet content. An attacker who convinces a victim to open a malicious workbook can run arbitrary code in the context of the current user, gaining high confidentiality, integrity, and availability impact. Reported by Microsoft with a patch available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Local arbitrary code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac 2021/2024) arises from a type-confusion flaw (CWE-843) that lets an attacker run code in the context of the current user when a victim opens a crafted file. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) reflecting local vector with required user interaction and high impact to confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available via MSRC.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac) stems from a use-after-free memory corruption (CWE-416) that an attacker triggers when a victim opens a maliciously crafted document. Rated CVSS 7.8 with high confidentiality, integrity, and availability impact, exploitation requires user interaction but no prior authentication, letting an attacker run arbitrary code in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix, so patching should be prioritized during the normal Patch Tuesday cycle.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Excel (Office 2016 through LTSC 2024, Microsoft 365 Apps, and Mac editions) allows an attacker to run arbitrary code by tricking a user into opening a maliciously crafted spreadsheet that triggers a type-confusion condition in Excel's file parser. The CVSS 3.1 score is 7.8 (High) with the local vector reflecting file-open exploitation rather than remote-network access, and success requires user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local code execution in Microsoft Office (365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) arises from a heap-based buffer overflow that an attacker triggers when a victim opens a maliciously crafted Office document. Successful exploitation yields full confidentiality, integrity, and availability impact in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the ubiquity of Office and the low attack complexity make this a meaningful patch priority.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and Office for Mac 2021/2024) arises from a use-after-free memory corruption flaw that an attacker triggers by convincing a user to open a maliciously crafted Office document. Successful exploitation runs arbitrary code in the context of the current user, yielding full confidentiality, integrity, and availability impact on the host. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV; Microsoft has published a patch via MSRC.
Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and the macOS editions) arises from a use-after-free memory-corruption flaw (CWE-416) that lets an attacker run arbitrary code in the context of the current user after the victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high impact to confidentiality, integrity, and availability, and requires user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available via MSRC.
Local code execution in Microsoft Office (Microsoft 365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) arises from a heap-based buffer overflow (CWE-122) that an attacker triggers by convincing a user to open a maliciously crafted Office document. Successful exploitation yields full code execution in the context of the current user, with high impact to confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; SSVC rates current exploitation as none.
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Office Excel (across Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, and their macOS equivalents) arises from a use-after-free (CWE-416) memory-corruption flaw triggered when a user opens a maliciously crafted spreadsheet. The CVSS vector (AV:L/AC:L/PR:N/UI:R) indicates an unauthenticated attacker can achieve full confidentiality, integrity, and availability impact but requires the victim to open a file, making it a classic phishing-delivered client-side bug. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, though Excel memory-corruption bugs are historically attractive targets.
Local code execution in Microsoft Office (including Microsoft 365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) stems from a use-after-free memory-corruption flaw (CWE-416). An attacker who convinces a user to open a specially crafted Office document can execute arbitrary code in the context of the current user, gaining full confidentiality, integrity, and availability impact. Exploitation requires user interaction (opening a malicious file) and there is no public exploit identified at time of analysis.
Local arbitrary code execution in Microsoft Excel arises from a heap-based buffer overflow (CWE-122) triggered when a user opens a maliciously crafted spreadsheet; successful exploitation runs attacker code in the context of the current user across desktop Office builds (Excel 2016, Office 2019, LTSC 2021/2024, Microsoft 365 Apps) on both Windows and Mac, as well as Office Online Server. The flaw carries CVSS 7.8 with high confidentiality, integrity, and availability impact but requires user interaction (opening the file). No public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available from Microsoft.
Information disclosure in Microsoft Office (Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, and Office for Mac) via an out-of-bounds read (CWE-125) lets an attacker leak sensitive memory contents when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.1 (AV:L/AC:L/PR:N/UI:R), reflecting local exploitation that requires user interaction but no prior authentication. Microsoft is the reporting source and has published a fix; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Local code execution in Microsoft Excel (2016, Office 2019, Office LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) arises from a use-after-free memory corruption (CWE-416) that an attacker triggers when a victim opens a maliciously crafted spreadsheet. Exploitation runs code in the context of the current user and requires user interaction (opening the file), with no public exploit identified at time of analysis. This is a locally-exploited, phishing-delivered class of bug typical of Office file-format handlers, patched by Microsoft via MSRC.
Local code execution in Microsoft Excel (and the broader Office family through Microsoft 365 Apps, Office 2019/2021/2024 LTSC, Office for Mac, and Office Online Server) arises from a stack-based buffer overflow (CWE-121) triggered when a user opens a maliciously crafted spreadsheet. An attacker who convinces a victim to open the file runs arbitrary code in the security context of the current user, with high impact to confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV; Microsoft has released a patch.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Excel (including Microsoft 365 Apps, Office 2016/2019, Office LTSC 2021/2024, and Office for Mac) arises from a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted spreadsheet, letting an attacker run arbitrary code in the user's context. The CVSS 3.1 score is 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), reflecting that exploitation needs user interaction but no prior privileges once the file is opened. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; Microsoft has released a patch.