368 matches found
Security Updates for Microsoft Office Products (June 2026) (macOS)
The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the june-16-2026 advisory. - Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-44819, CVE-2026-44824,...
CVE-2026-44820
Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-45459
The CVE-2026-45459 entry concerns Microsoft Excel. A protection-mechanism failure in Excel is described as allowing a local attacker to bypass a security feature. According to the available data, the vulnerability has a low base score (CVSS 3.1: 3.3), with LOCAL attack vector, LOW attack complexi...
CVE-2026-44822 Microsoft Excel Information Disclosure Vulnerability
...
CVE-2026-44823
Numeric truncation error in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-44818 Microsoft Excel Remote Code Execution Vulnerability
...
Microsoft Office Excel 数字错误漏洞
Microsoft Excel is a spreadsheet software within the Office suite developed by the American company Microsoft. There is a code execution vulnerability in Microsoft Excel, and attackers can exploit this vulnerability to execute code locally...
Spree: CSV Formula Injection in Customer Export
Summary CSV formula injection also known as formula injection or CSV injection affects customer export. User-controlled values customer names, email addresses, and shipping addresses. When an administrator opens a crafted Export in Microsoft Excel or LibreOffice Calc, formulas embedded in user da...
CVE-2026-41073 RT: Spreadsheet downloads vulnerable to CSV/formula injection in Microsoft Excel and similar apps
RT is an open source, enterprise-grade issue and ticket tracking system. Versions prior to 5.0.10 and 6.0.0 through 6.0.2 contain a spreadsheet CSV/formula injection vulnerability. User-controlled data in spreadsheet exports is not sanitized before being written to the output file, which can caus...
CVE-2026-40359 Microsoft Excel Remote Code Execution Vulnerability
...
Security Updates for Microsoft Office Products (April 2026) (macOS)
The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the april-14-2026 advisory. - Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVE-2026-33095, CVE-2026-33115 - Out-of-boun...
CVE-2026-32198
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-32198
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-32199 Microsoft Excel Remote Code Execution Vulnerability
...
CVE-2026-32189 Microsoft Excel Remote Code Execution Vulnerability
...
PT-2026-32578
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administrator exports the application chat history to an Excel file .xlsx via the...
CVE-2026-26109
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-26107
CVE-2026-26107 is a Microsoft Excel remote code execution vulnerability described as a use-after-free issue in Excel/Office. Affected software is Microsoft Excel within the Office suite; the underlying cause is use-after-free in Excel, enabling an attacker to execute code locally. Exploitation is...
CVE-2026-26112 Microsoft Excel Remote Code Execution Vulnerability
...
Description of the security update for Office Online Server: March 10, 2026 (KB5002846)
None None...