← Back

CVE-2026-20944

nvd nist
Published: Jan 13, 2026Modified: Jan 16, 2026

JSON object

Loading...
8.4
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.5 / Impact: 5.9
Source: secure@microsoft.com

Description

Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Affected (4)

Microsoft
2 products
365 Apps
Office Long Term Servicing Channel
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
365 Apps
All versions
365 Apps
All versions
Microsoft
Office Long Term Servicing Channel
Version 2021
Office Long Term Servicing Channel
Version 2024

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (1)

Source: secure@microsoft.com
Vendor Advisory

Timeline

No history available yet.