CVE-2026-42893

CVE-2026-42893 concerns Improper neutralization of special elements used in a command (command injection) in M365 Copilot, leading to potential tampering over a network. Connected records identify affected software as Microsoft Outlook for iOS and M365 Copilot, with the issue described as command...

Microsoft多款产品 安全漏洞

Microsoft Excel is a product of the American company Microsoft. Microsoft Excel is a spreadsheet processing software within the Office suite. Microsoft Edge is a web browser that comes with systems running Windows 10 and later versions. Microsoft Word is a word processing software within the Offi...

KLA90936 OSI vulnerability in Microsoft Office

An information disclosure vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2026-26133 Exploitation Related products Microsoft-Outlook Microsoft-Excel Microsoft-Word CVE list CVE-2026-26133 high...

Microsoft Outlook Information Disclosure Vulnerability (CNVD-2026-12557)

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Outlook. The vulnerability stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to conduc...

CVE-2026-21511

Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network...

CVE-2026-21511

CVE-2026-21511 describes deserialization of untrusted data in Microsoft Office Outlook, enabling an unauthorized attacker to spoof over a network. Affected product: Microsoft Office Outlook. Root cause: unsafe deserialization of data. Impact: spoofing with network access; CVSS v3.1 base score 7.5...

CVE-2026-21511 Microsoft Outlook Spoofing Vulnerability

...

CVE-2026-21260 Microsoft Outlook Spoofing Vulnerability

...

CVE-2026-21260

CVE-2026-21260 affects Microsoft Office Outlook, where exposure of sensitive information to an unauthorized actor enables network-based spoofing. The entry cites a CVSSv3.1 base score of 7.5 (HIGH) with an attack vector of NETWORK and no privileges required, but has no exploitation details in the...

CVE-2026-21260 Microsoft Outlook Spoofing Vulnerability

...

Microsoft Outlook Spoofing Vulnerability

Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network...

Microsoft Outlook Spoofing Vulnerability

Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network...

Microsoft Outlook 信息泄露漏洞

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Outlook. The vulnerability stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to conduc...

CVE-2007-4040

Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command...

Microsoft Outlook Resource Management Error Vulnerability

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. A security vulnerability exists in Microsoft Outlook. An attacker could exploit the vulnerability to remotely execute code...

CVE-2025-62562 Microsoft Outlook Remote Code Execution Vulnerability

...

CVE-2025-62562

CVE-2025-62562 is a Microsoft Outlook remote code execution vulnerability identified in Office Outlook. The connected sources describe it as a use-after-free in Outlook, enabling an attacker to execute arbitrary code locally. Affected product: Microsoft Outlook (part of Microsoft Office). Underly...

CVE-2025-62562 Microsoft Outlook Remote Code Execution Vulnerability

...

Microsoft Outlook Remote Code Execution Vulnerability

Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally...

Microsoft Outlook 资源管理错误漏洞

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. A security vulnerability exists in Microsoft Outlook. An attacker could exploit the vulnerability to remotely execute code...