Lucene search
+L
MicrosoftExcel

446 matches found

CVE
CVE
added 2011/06/16 8:21 p.m.55 views

CVE-2011-1278

CVE-2011-1278 affects Microsoft Excel 2002 SP3 and Office 2004 for Mac. The issue arises when parsing Excel record information, where input validation failures can lead to remote code execution or memory corruption via a crafted spreadsheet (Excel WriteAV vulnerability). The vulnerability is tied...

9.3CVSS7.7AI score0.16968EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.55 views

CVE-2026-44817

CVE-2026-44817 is an Excel vulnerability: an integer underflow (wrap/wraparound) in Microsoft Excel could allow a local attacker to execute code. Exploitation details in the public metrics show local access with user interaction required and high impact on confidentiality, integrity, and availabi...

7.8CVSS7.2AI score0.00372EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.53 views

CVE-2000-0637

Microsoft Excel 97 and 2000 are affected by a vulnerability in the Register.ID function that allows an attacker to trigger execution of arbitrary commands by specifying a malicious .dll; impact is arbitrary commands with local access. The provided documents do not include exploitation details or ...

4.6CVSS7.7AI score0.02372EPSS
CVE
CVE
added 2008/03/11 11:0 p.m.53 views

CVE-2008-0114

CVE-2008-0114 describes a remote code execution vulnerability in Microsoft Excel’s handling of Style records. It affects Excel 2000 SP3 through 2003 SP2, Excel Viewer 2003, and Office for Mac 2004. The underlying issue is a memory handling error that occurs when loading specially crafted Excel fi...

9.3CVSS9.7AI score0.38754EPSS
CVE
CVE
added 2025/07/08 4:57 p.m.53 views

CVE-2025-49711

Microsoft Office Excel is affected by CVE-2025-49711 (Use-after-free in Excel) enabling local code execution. The vulnerability is documented across multiple sources, with the Microsoft Excel RCE identified as the root cause and trusted updates released. Affected products include Microsoft Excel ...

7.8CVSS7.3AI score0.00457EPSS
CVE
CVE
added 2006/07/13 10:0 p.m.52 views

CVE-2006-1309

CVE-2006-1309 is a Microsoft Excel vulnerability affecting Excel 2000–2004 where opening a crafted .xls file with a malformed LABEL record can trigger memory corruption and allow remote code execution. The underlying issue is memory corruption during processing of the LABEL record, potentially en...

9.3CVSS7.2AI score0.09741EPSS
CVE
CVE
added 2026/05/12 4:59 p.m.52 views

CVE-2026-42832

This CVE (CVE-2026-42832) concerns Microsoft Office and is rooted in improper access control that enables a local attacker to spoof. Affected software is Microsoft Office; the vulnerability is described as allowing local spoofing with high impact to confidentiality and integrity (per CVSS 3.1 met...

7.7CVSS5.8AI score0.00222EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.52 views

CVE-2026-44812

CVE-2026-44812 affects Windows graphics component Win32K GRFX, where an integer overflow/wraparound in GRFX can allow an unauthorized attacker to execute code locally. The CVSS v3.1 vector is AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H with a base score of 7.8 (HIGH). Exploitation details are not provide...

7.8CVSS5.7AI score0.00437EPSS
CVE
CVE
added 2026/04/14 4:57 p.m.51 views

CVE-2026-32188

CVE-2026-32188 appears to be an information-disclosure vulnerability in Microsoft Excel. The entry lists Excel as the affected product and indicates the vulnerability is exploitable locally with user interaction required, and it has high impact on confidentiality and availability. The CVSSv3.1 ve...

7.1CVSS5.6AI score0.00411EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.50 views

CVE-2025-59235

CVE-2025-59235 is an information-disclosure vulnerability in Microsoft Excel (Office) caused by an out-of-bounds read. Public sources in the connected docs consistently identify the affected component as Excel within the Microsoft Office suite and link the issue to Excel information-disclosure mi...

7.1CVSS6AI score0.00612EPSS
CVE
CVE
added 2025/07/08 4:57 p.m.49 views

CVE-2025-48812

CVE-2025-48812 affects Microsoft Excel (Office). An out-of-bounds read in Excel can allow a local attacker to disclose information. Public details in the provided documents indicate the issue impacts Excel 2016 and related Office components, with a local attack vector and high confidentiality imp...

5.5CVSS6AI score0.00508EPSS
CVE
CVE
added 2026/05/12 4:59 p.m.49 views

CVE-2026-40362

Summary: CVE-2026-40362 is a heap-based buffer overflow in Microsoft Office Excel that allows a local attacker to execute code. The CVSS 3.1 vector indicates LOCAL attack, no privileges required, user interaction required, with a High impact on confidentiality, integrity, and availability (base s...

7.8CVSS6AI score0.00321EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.49 views

CVE-2026-45455

CVE-2026-45455 is an Excel information-disclosure vulnerability (out-of-bounds read) in Microsoft Office Excel. The issue allows an unauthorized attacker to disclose information over a network. Multiple connected documents confirm the affected component as Microsoft Excel (Office) and attribute t...

4.3CVSS5.8AI score0.00629EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.48 views

CVE-2026-45469

CVE-2026-45469 affects Microsoft Excel (Office) and is caused by an integer underflow/wraparound in Excel. The vulnerability can allow a local attacker to execute code on the affected system; the CVSS indicates LOCAL access, required user interaction, and high impact to confidentiality, integrity...

7.8CVSS5.7AI score0.00372EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.48 views

CVE-2026-45649

CVE-2026-45649 : Improper access control in Office for Android allows an unauthorized attacker to perform local spoofing. This is a local attack with user interaction required; impact on confidentiality and integrity is high, availability not affected. Connected documents confirm an Office for An...

7.1CVSS5.4AI score0.00419EPSS
CVE
CVE
added 2025/08/12 5:10 p.m.47 views

CVE-2025-53735

CVE-2025-53735 is a Microsoft Excel remote code execution vulnerability caused by a use-after-free condition in Excel. The issue allows an attacker to run arbitrary code locally when a user opens a specially crafted Excel file. Microsoft has released security updates to address this vulnerability...

7.8CVSS7.8AI score0.00565EPSS
CVE
CVE
added 2025/08/12 5:10 p.m.47 views

CVE-2025-53737

CVE-2025-53737 is a Microsoft Excel remote code execution vulnerability caused by a heap-based buffer overflow when opening specially crafted files. The connected sources (e.g., MSRC/Excel advisories and CNVD) confirm Excel as the affected product and cite heap-based overflow as the root cause le...

7.8CVSS8AI score0.00531EPSS
CVE
CVE
added 2026/03/10 5:5 p.m.47 views

CVE-2026-26109

CVE-2026-26109 concerns a Microsoft Excel remote code execution vulnerability. The entry identifies Excel as affected and assigns a high impact on confidentiality, integrity, and availability per CVSS 3.1 metrics. The advisory notes a official fix is available, with an attack vector described as ...

8.4CVSS5.9AI score0.00416EPSS
CVE
CVE
added 2025/12/09 5:55 p.m.45 views

CVE-2025-62553

CVE-2025-62553 affects Microsoft Excel (Office) with a use-after-free in Excel leading to local arbitrary code execution. The vulnerability, tracked across multiple advisories (CNVD/CNNVD/MSVCVE/NCSc) and confirmed by MSRC, is mitigated by December 2025 Office security updates (e.g., KB5002818/KB...

7.8CVSS7.1AI score0.00664EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.42 views

CVE-2026-44820

CVE-2026-44820 affects Microsoft Excel in Office. An integer underflow (wrap/wraparound) in Excel can allow a local attacker to execute code on the affected host. Exploitation requires local access and user interaction; no remote vector is indicated. The CVSS 3.1 base score is 7.8 (HIGH) with imp...

7.8CVSS7.1AI score0.00372EPSS
CVE
CVE
added 2025/09/09 5:0 p.m.41 views

CVE-2025-54896

CVE-2025-54896 is a Use-After-Free vulnerability in Microsoft Office Excel that can enable local code execution. Affected component: Microsoft Excel (Office). Root cause: use-after-free condition in Excel leading to arbitrary code execution. Impact: remote code execution with high severity (per C...

7.8CVSS7AI score0.0054EPSS
CVE
CVE
added 2026/01/13 5:57 p.m.41 views

CVE-2026-20957

CVE-2026-20957 is a Microsoft Excel/Office vulnerability caused by an integer underflow in Excel that could allow an attacker to execute code locally. The issue affects Microsoft Excel components across Office products (including Excel on Office Online Server and Excel 2016) and is documented as ...

7.8CVSS6.9AI score0.0045EPSS
CVE
CVE
added 2025/10/14 5:1 p.m.40 views

CVE-2025-59232

CVE-2025-59232 is an information-disclosure vulnerability in Microsoft Excel (part of Microsoft Office) caused by an out-of-bounds read that can disclose local data. The issue affects Excel components within Office; remediation is available via Microsoft Office security updates released October 2...

7.1CVSS6AI score0.00454EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.40 views

CVE-2026-44823

The CVE-2026-44823 entry concerns an integer underflow (wrap or wraparound) in Microsoft Office Excel that could allow an attacker to execute code locally. Affected product: Microsoft Excel within Microsoft Office. The vulnerability is described as enabling local code execution with attack vector...

7.8CVSS7.2AI score0.00372EPSS
CVE
CVE
added 2026/04/14 4:58 p.m.38 views

CVE-2026-32199

CVE-2026-32199 affects Microsoft Excel (Office) with a use-after-free in Excel that enables local code execution by an attacker. The vulnerability is listed under Excel-related issues in multiple advisories and is addressed by security updates from Microsoft (e.g., KB5002855 for Office Online Ser...

7.8CVSS5.9AI score0.00291EPSS
CVE
CVE
added 2026/05/12 4:59 p.m.38 views

CVE-2026-40359

CVE-2026-40359 is a Microsoft Excel use-after-free remote code execution vulnerability. Description and NVD match: Excel component vulnerability allows an attacker to execute code locally due to a use-after-free condition. Exploitation status is not explicitly provided in the documents. Microsoft...

7.8CVSS6AI score0.00332EPSS
CVE
CVE
added 2025/09/09 5:0 p.m.37 views

CVE-2025-54903

CVE-2025-54903 is a Microsoft Excel remote code execution vulnerability described as a use-after-free in Excel that could allow an attacker to execute code locally. The CVSS 3.1 metrics indicate a local, low-attack-complexity, no privileges required, with user interaction required, and high impac...

7.8CVSS7AI score0.0054EPSS
CVE
CVE
added 2025/11/11 5:59 p.m.37 views

CVE-2025-60727

CVE-2025-60727 affects Microsoft Excel (Office) with an out-of-bounds read in Excel that enables local code execution. The vulnerability is documented across multiple feeds (MSRC/MSKB entries, CNVD, EUVD) and is associated with Excel-related exploitation in November 2025 advisories. The available...

7.8CVSS5.7AI score0.00509EPSS
CVE
CVE
added 2026/01/13 5:57 p.m.37 views

CVE-2026-20950

CVE-2026-20950 is a Microsoft Excel remote code execution vulnerability reported as a use-after-free in Excel affecting Office/Excel components. Exploitation would allow an attacker to execute code locally on a vulnerable system. Multiple connected sources confirm Excel is affected and that updat...

7.8CVSS7.1AI score0.00429EPSS
CVE
CVE
added 2026/03/10 5:5 p.m.37 views

CVE-2026-26108

CVE-2026-26108 is a Microsoft Excel heap-based buffer overflow vulnerability that allows an attacker to execute code locally. Multiple connected sources corroborate Excel as the affected component, with the underlying issue described as a heap-based overflow leading to remote code execution in Ex...

7.8CVSS6.1AI score0.00493EPSS
CVE
CVE
added 2025/11/11 5:59 p.m.36 views

CVE-2025-62199

CVE-2025-62199 is a Microsoft Office remote code execution/use-after-free vulnerability. The CVE affects multiple Office components (notably Office and Excel) due to a memory-management flaw described as a use-after-free in Office, enabling a locally authenticated attacker to run arbitrary code. ...

7.8CVSS5.8AI score0.00743EPSS
CVE
CVE
added 2025/09/09 5:0 p.m.35 views

CVE-2025-54902

Microsoft Excel in Office is affected by a local, user-interaction-requiring code-execution vulnerability due to an out-of-bounds read. The CVE-2025-54902 issue is documented as a Microsoft Excel remote code execution vulnerability with an affected vector described in the MSRC entry and corrobora...

7.8CVSS6.8AI score0.0054EPSS
CVE
CVE
added 2026/02/10 5:51 p.m.35 views

CVE-2026-21261

CVE-2026-21261 describes an out-of-bounds read in Microsoft Excel that could allow a local attacker to disclose information. The issue affects Excel, with the root cause described as an out-of-bounds read in handling certain data, resulting in information disclosure (no impact on integrity or ava...

5.5CVSS5.4AI score0.00596EPSS
CVE
CVE
added 2026/03/10 5:5 p.m.35 views

CVE-2026-26107

CVE-2026-26107 is a Microsoft Excel remote code execution vulnerability described as a use-after-free issue in Excel/Office. Affected software is Microsoft Excel within the Office suite; the underlying cause is use-after-free in Excel, enabling an attacker to execute code locally. Exploitation is...

7.8CVSS5.9AI score0.00435EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.35 views

CVE-2026-44822

CVE-2026-44822 describes an out-of-bounds read in Microsoft Office Excel that can allow an unauthenticated attacker to disclose information over the network. Affected product: Microsoft Excel within Office. Underlying cause is an out-of-bounds read; the CVSS 3.1 base score is 8.2 (High) with netw...

8.2CVSS5.4AI score0.00518EPSS
CVE
CVE
added 2025/08/12 5:9 p.m.34 views

CVE-2025-53741

CVE-2025-53741 is a Microsoft Excel remote code execution vulnerability caused by a heap-based buffer overflow in Excel. The CVE is linked to Office/Excel components and is rated HIGH (CVSS: LOCAL, LOW-EXPLOITABILITY, requiring user interaction). Corporate advisories and MSRC update guides indica...

7.8CVSS8AI score0.0052EPSS
CVE
CVE
added 2026/01/13 5:56 p.m.34 views

CVE-2026-20946

CVE-2026-20946 is an Out-of-bounds read in Microsoft Office Excel that allows local code execution. Connected sources confirm Excel/Office impact and provide remediation via the January 2026 security updates (e.g., KB5002831 for Excel 2016; MSRC update guidance). Affected products include Excel 2...

7.8CVSS6.9AI score0.00681EPSS
CVE
CVE
added 2025/09/09 5:0 p.m.33 views

CVE-2025-54898

CVE-2025-54898 is a Microsoft Excel remote code execution vulnerability: an out-of-bounds read in Excel allows an attacker to run code locally on a user’s machine, with a local attack vector, no privileges required, and user interaction needed. The CVSS 3.1 vector is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/...

7.8CVSS6.8AI score0.0054EPSS
CVE
CVE
added 2025/09/09 5:0 p.m.33 views

CVE-2025-54904

CVE-2025-54904 is a use-after-free vulnerability in Microsoft Office Excel that allows an authenticated local attacker to execute code. The issue affects Excel/Office components and results in a local code execution impact with high severity. Microsoft has released a security update (KB5002776) t...

7.8CVSS7AI score0.0054EPSS
CVE
CVE
added 2025/08/12 5:10 p.m.32 views

CVE-2025-53739

Microsoft Excel remote code execution via a type confusion error (CVE-2025-53739) affects Office Excel engines when handling specially crafted files. The issue is described as an incompatible type resource access leading to local code execution. Publicly documented impact states attacker-controll...

7.8CVSS7.5AI score0.00565EPSS
CVE
CVE
added 2025/09/09 5:0 p.m.32 views

CVE-2025-54899

CVE-2025-54899 is an Excel Remote Code Execution vulnerability due to heap memory management error in Microsoft Excel/Office components (freeing memory on the heap). The CVE has a 3.1 base score of 7.8 (HIGH) with LOCAL exploit and USER INTERACTION required, per Microsoft advisory. Public referen...

7.8CVSS6.8AI score0.0054EPSS
CVE
CVE
added 2025/09/09 5:1 p.m.32 views

CVE-2025-54900

CVE-2025-54900 is a Microsoft Excel remote code execution vulnerability described as a heap-based buffer overflow in Excel that allows an attacker with local access to run code on the affected system. The CVE is documented for Microsoft Office Excel/Office products and is tracked with a high impa...

7.8CVSS7.2AI score0.0054EPSS
CVE
CVE
added 2025/09/09 5:1 p.m.32 views

CVE-2025-54901

CVE-2025-54901 affects Microsoft Excel (Office) with a buffer over-read that could allow a local attacker to disclose information. The CVE is linked to a Microsoft Excel information-disclosure vulnerability (CVE-2025-54901) with confirmed public references; the contribution notes indicate an info...

5.5CVSS6AI score0.00601EPSS
CVE
CVE
added 2026/04/14 4:58 p.m.31 views

CVE-2026-32197

CVE-2026-32197 is a vulnerability described across multiple sources as a Use-after-free in Microsoft Office Excel that allows an attacker to locally execute code. The Windows/Office context is supported by the primary CVE entry and the MACOS Nessus notes referencing Excel exploits in the April 20...

7.8CVSS5.9AI score0.00291EPSS
CVE
CVE
added 2026/02/10 5:51 p.m.29 views

CVE-2026-21259

CVE-2026-21259 is a heap-based buffer overflow in Microsoft Excel (Office) that enables local privilege escalation. Multiple sources (MSRC advisory, CNVD, CIRCL sightings, KB entries) confirm Excel as the affected product and indicate that Microsoft released February 2026 security updates (e.g., ...

7.8CVSS5.8AI score0.00524EPSS
CVE
CVE
added 2026/04/14 4:58 p.m.29 views

CVE-2026-32198

CVE-2026-32198 is a use-after-free vulnerability in Microsoft Office Excel that can allow a local attacker to execute arbitrary code on the affected system. The vulnerability is described in multiple sources as affecting Microsoft Excel, with the underlying issue being a use-after-free in Excel’s...

7.8CVSS5.9AI score0.00292EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.28 views

CVE-2025-59231

CVE-2025-59231 is a Microsoft Excel vulnerability described as a type-confusion in Excel that could allow an attacker with local access to execute code on the affected system. The associated Nessus findings and Microsoft advisories indicate multiple October 2025 office updates address this and re...

7.8CVSS6.9AI score0.0049EPSS
CVE
CVE
added 2025/12/09 5:56 p.m.28 views

CVE-2025-62560

Microsoft Excel/Office contains a local-code-execution vulnerability due to an untrusted pointer dereference in Excel. Affected product: Microsoft Excel (part of Microsoft Office). Root cause: untrusted pointer dereference within Excel’s code path. Impact: local code execution with high confident...

7.8CVSS6.9AI score0.00491EPSS
CVE
CVE
added 2026/05/12 4:58 p.m.28 views

CVE-2026-40360

CVE-2026-40360 is an information-disclosure vulnerability in Microsoft Excel caused by an out-of-bounds read, enabling a local attacker to disclose data. The available documents identify the affected product as Microsoft Excel and describe a local attack that could lead to confidential informatio...

7.8CVSS5.8AI score0.00408EPSS
CVE
CVE
added 2025/10/14 5:1 p.m.27 views

CVE-2025-59223

CVE-2025-59223 is a Microsoft Excel remote code execution vulnerability caused by a use-after-free in Excel. Connected sources confirm this CVE is part of a broader October 2025 Office/Excel/Mac updates package and is addressed by security updates from Microsoft (e.g., KB5002794 for Excel 2016) a...

7.8CVSS7.1AI score0.00355EPSS
Total number of security vulnerabilities446