Outlook

outlook

Vendor: Microsoft • 120 CVEs

CVEs (120)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-42893 1Microsoft 1Outlook May 13, 2026 May 12, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to perform tampering over a network.
CVE-2026-26133 1Microsoft 10365 Copilot EdgeExcel+7 more Apr 9, 2026 Mar 16, 2026 N/A· v4 7.1 HIGH· v3 N/A· v2 AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-21260 1Microsoft 5365 Apps OfficeOffice Long Term Servicing Channel+2 more Feb 11, 2026 Feb 10, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-49699 1Microsoft 6365 Apps OfficeOffice Long Term Servicing Channel+3 more Jul 15, 2025 Jul 8, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47171 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Jul 9, 2025 Jun 10, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.
CVE-2025-29805 1Microsoft 1Outlook Jul 10, 2025 Apr 8, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network.
CVE-2025-21259 1Microsoft 1Outlook Feb 28, 2025 Feb 11, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Microsoft Outlook Spoofing Vulnerability
CVE-2025-21361 1Microsoft 3Office Office Long Term Servicing ChannelOutlook May 19, 2026 Jan 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Microsoft Outlook Remote Code Execution Vulnerability
CVE-2025-21357 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Jul 1, 2025 Jan 14, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-42220 1Microsoft 1Outlook Aug 22, 2025 Dec 18, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially crafted library can leverage Outlook's access privileges, leading to a permission bypass. A malicious application could inject...Show more A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially crafted library can leverage Outlook's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.Show less
CVE-2024-43604 1Microsoft 1Outlook Oct 17, 2024 Oct 8, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 Outlook for Android Elevation of Privilege Vulnerability
CVE-2024-43482 1Microsoft 1Outlook Sep 18, 2024 Sep 10, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Microsoft Outlook for iOS Information Disclosure Vulnerability
CVE-2024-38173 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Aug 16, 2024 Aug 13, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-38020 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Nov 21, 2024 Jul 9, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Microsoft Outlook Spoofing Vulnerability
CVE-2024-30103 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more May 19, 2026 Jun 11, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Microsoft Outlook Remote Code Execution Vulnerability
CVE-2024-20670 1Microsoft 1Outlook Jan 8, 2025 Apr 9, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 Outlook for Windows Spoofing Vulnerability
CVE-2024-26204 1Microsoft 1Outlook Jan 15, 2025 Mar 12, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Outlook for Android Information Disclosure Vulnerability
CVE-2024-21378 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Nov 21, 2024 Feb 13, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Microsoft Outlook Remote Code Execution Vulnerability
CVE-2023-36763 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Nov 21, 2024 Sep 12, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Microsoft Outlook Information Disclosure Vulnerability
CVE-2023-36893 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Nov 21, 2024 Aug 8, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Microsoft Outlook Spoofing Vulnerability

12 3 4 5 6 Next