Onenote

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-29822 HIGH This Week

Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office Office Long Term Servicing Channel Onenote
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2025-21402 HIGH PATCH This Month

Microsoft Office OneNote Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Office Onenote
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2025-29822
EPSS 1% CVSS 7.8
HIGH This Week

Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Office +2
NVD
CVE-2025-21402
EPSS 1% CVSS 7.8
HIGH PATCH This Month

Microsoft Office OneNote Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Office +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy