Word

word

Vendor: Microsoft • 252 CVEs

CVEs (252)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-42832 1Microsoft 4Excel OfficeOffice Long Term Servicing Channel+1 more May 19, 2026 May 12, 2026 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.
CVE-2026-41101 1Microsoft 1Word May 16, 2026 May 12, 2026 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally.
CVE-2026-40421 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Jun 1, 2026 May 12, 2026 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVE-2026-40367 1Microsoft 5365 Apps OfficeOffice Long Term Servicing Channel+2 more Jun 1, 2026 May 12, 2026 N/A· v4 8.4 HIGH· v3 N/A· v2 Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-40366 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Jun 1, 2026 May 12, 2026 N/A· v4 8.4 HIGH· v3 N/A· v2 Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-40364 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more May 19, 2026 May 12, 2026 N/A· v4 8.4 HIGH· v3 N/A· v2 Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-40361 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Jun 3, 2026 May 12, 2026 N/A· v4 8.4 HIGH· v3 N/A· v2 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-35440 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more May 19, 2026 May 12, 2026 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVE-2026-26133 1Microsoft 10365 Copilot EdgeExcel+7 more Apr 9, 2026 Mar 16, 2026 N/A· v4 7.1 HIGH· v3 N/A· v2 AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-21511 1Microsoft 5365 Apps OfficeOffice Long Term Servicing Channel+2 more Feb 11, 2026 Feb 10, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-20948 1Microsoft 5365 Apps OfficeOffice Long Term Servicing Channel+2 more Jan 16, 2026 Jan 13, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-62562 1Microsoft 5365 Apps OfficeOffice Long Term Servicing Channel+2 more Dec 9, 2025 Dec 9, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
CVE-2025-62559 1Microsoft 5365 Apps OfficeOffice Long Term Servicing Channel+2 more Dec 10, 2025 Dec 9, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-62558 1Microsoft 5365 Apps OfficeOffice Long Term Servicing Channel+2 more Dec 10, 2025 Dec 9, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-62555 1Microsoft 5365 Apps OfficeOffice Long Term Servicing Channel+2 more Dec 10, 2025 Dec 9, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-59222 1Microsoft 5365 Apps OfficeOffice Long Term Servicing Channel+2 more Oct 16, 2025 Oct 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-59221 1Microsoft 5365 Apps OfficeOffice Long Term Servicing Channel+2 more Oct 16, 2025 Oct 14, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-54905 1Microsoft 6365 Apps OfficeOffice Long Term Servicing Channel+3 more Sep 12, 2025 Sep 9, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVE-2025-53738 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Aug 18, 2025 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-53736 1Microsoft 6365 Apps OfficeOffice Long Term Servicing Channel+3 more Aug 18, 2025 Aug 12, 2025 N/A· v4 6.2 MEDIUM· v3 N/A· v2 Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

12 3 4 5...13 Next