Security Updates for Microsoft Office Products (June 2026) (macOS)

The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the june-16-2026 advisory. - Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-44819, CVE-2026-44824,...

CVE-2026-44820

Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2026-45459

The CVE-2026-45459 entry concerns Microsoft Excel. A protection-mechanism failure in Excel is described as allowing a local attacker to bypass a security feature. According to the available data, the vulnerability has a low base score (CVSS 3.1: 3.3), with LOCAL attack vector, LOW attack complexi...

CVE-2026-44822 Microsoft Excel Information Disclosure Vulnerability

...

CVE-2026-44818 Microsoft Excel Remote Code Execution Vulnerability

...

Microsoft Office Excel 安全漏洞

Microsoft Office Excel is a spreadsheet software developed by Microsoft in the United States. There is a security vulnerability in Microsoft Office Excel, which stems from integer underflow. This vulnerability may allow unauthorized attackers to execute code locally...

Spree: CSV Formula Injection in Customer Export

Summary CSV formula injection also known as formula injection or CSV injection affects customer export. User-controlled values customer names, email addresses, and shipping addresses. When an administrator opens a crafted Export in Microsoft Excel or LibreOffice Calc, formulas embedded in user da...

CVE-2026-41073 RT: Spreadsheet downloads vulnerable to CSV/formula injection in Microsoft Excel and similar apps

RT is an open source, enterprise-grade issue and ticket tracking system. Versions prior to 5.0.10 and 6.0.0 through 6.0.2 contain a spreadsheet CSV/formula injection vulnerability. User-controlled data in spreadsheet exports is not sanitized before being written to the output file, which can caus...

CVE-2026-40359 Microsoft Excel Remote Code Execution Vulnerability

...

Security Updates for Microsoft Office Products (April 2026) (macOS)

The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the april-14-2026 advisory. - Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVE-2026-33095, CVE-2026-33115 - Out-of-boun...

CVE-2026-32198

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2026-32198

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2026-32199 Microsoft Excel Remote Code Execution Vulnerability

...

CVE-2026-32189 Microsoft Excel Remote Code Execution Vulnerability

...

PT-2026-32578

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administrator exports the application chat history to an Excel file .xlsx via the...

CVE-2026-26109

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2026-26107

CVE-2026-26107 is a Microsoft Excel remote code execution vulnerability described as a use-after-free issue in Excel/Office. Affected software is Microsoft Excel within the Office suite; the underlying cause is use-after-free in Excel, enabling an attacker to execute code locally. Exploitation is...

CVE-2026-26112 Microsoft Excel Remote Code Execution Vulnerability

...

Description of the security update for Office 2016: March 10, 2026 (KB5002718)

Description of the security update for Office 2016: March 10, 2026 KB5002718 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2026-26108. Note: To apply this...

Description of the security update for Office Online Server: March 10, 2026 (KB5002846)

Description of the security update for Office Online Server: March 10, 2026 KB5002846 Summary This security update resolves Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common Vulnerabilities and...