Description of the security update for Office Online Server: May 12, 2026 (KB5002871)

Description of the security update for Office Online Server: May 12, 2026 KB5002871 Summary This security update resolves Microsoft Excel remote code execution vulnerability and Microsoft Excel Information Disclosure vulnerability. To learn more about the vulnerabilities, see the following securi...

Security Updates for Microsoft Office Online Server (May 2026)

The Microsoft Office Online Server or Office Web Apps installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2026-40359 -...

Security Updates for Microsoft Excel Products (May 2026)

The Microsoft Excel Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2026-40359 - Heap-based buffer overflow in Microsoft Office Excel allows a...

Description of the security update for Office Online Server: April 14, 2026 (KB5002855)

Description of the security update for Office Online Server: April 14, 2026 KB5002855 Summary This security update resolves Microsoft Excel remote code execution vulnerability and Microsoft Excel Information Disclosure vulnerability. To learn more about the vilnerabilities, see the following...

Security Updates for Microsoft Excel Products C2R (April 2026)

The Microsoft Excel Products are missing a security update. It is, therefore, affected by the following vulnerabilities: - Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2026-32189, CVE-2026-32197, CVE-2026-32198, CVE-2026-32199 - Out-of-boun...

Security Updates for Microsoft Office Products (March 2026) (macOS)

The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the march-10-2026 advisory. - Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-26113 - Use after free in...

Security Updates for Microsoft Excel Products C2R (March 2026)

The Microsoft Excel Products are missing a security update. It is, therefore, affected by the following vulnerabilities: - Remote code execution vulnerabilities that an attacker can exploit to bypass authentication and execute unauthorized arbitrary commands. CVE-2026-26107, CVE-2026-26108,...

Security Updates for Office Online Server (March 2026)

The Office Online Server installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerabilities: - Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2026-26107 - Heap-based buffer overflow in...

Description of the security update for Office Online Server: February 10, 2026 (KB5002835)

Description of the security update for Office Online Server: February 10, 2026 KB5002835 Summary This security update resolves Microsoft Excel information disclosure vulnerability, and Microsoft Excel elevation of privilege vulnerability. To learn more about the vulnerabilities, see the following...

Security Updates for Microsoft Office Online Server (February 2026)

The Microsoft Office Online Server installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerabilities: - Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. CVE-2026-21258 -...

Security Updates for Microsoft Office Products (January 2026) (macOS)

The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the january-13-2026 advisory. - Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-20952, CVE-2026-20953 - Integer...

Security Updates for Microsoft Office Online Server (December 2025)

The Microsoft Office Online Server installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerabilities: - Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

Description of the security update for Office Online Server: November 11, 2025 (KB5002801)

Description of the security update for Office Online Server: November 11, 2025 KB5002801 Summary This security update resolves a Microsoft Excel information disclosure vulnerability and Microsoft Excel remote code execution vulnerability. To learn more about the vulnerabilities, see the following...

Security Updates for Microsoft Office Online Server (November 2025)

The Microsoft Office Online Server installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerabilities: - Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. CVE-2025-60726 - Out-of-boun...

Description of the security update for Office Online Server: October 14, 2025 (KB5002797)

Description of the security update for Office Online Server: October 14, 2025 KB5002797 Summary This security update resolves a Microsoft Excel information disclosure vulnerability, Microsoft Excel remote code execution vulnerability, Microsoft Excel remote code execution vulnerability. To learn...

Security Updates for Microsoft Office Online Server (October 2025)

The Microsoft Office Online Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities. - Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2025-59223, CVE-2025-59224, CVE-2025-5922...

EUVD-2024-23533

Malicious code in bioql PyPI...

Security Updates for Microsoft Excel Products (August 2025)

The Microsoft Excel Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-53735, CVE-2025-53737,...

Security Updates for Microsoft Office Products (May 2025) (macOS)

The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the may-13-2025 advisory. - Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2025-30377, CVE-2025-30386 - Use after free in...

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Office components. A malicious person could exploit the vulnerabilities to execute arbitrary code with the victim's privileges, potentially gaining access to sensitive data in the victim's context. Successful exploitation requires the malicious party to tric...