26 matches found
CVE-2026-45456
CVE-2026-45456 affects Microsoft Office apps (notably Outlook and Word) and is caused by a resource access type confusion that can lead to local code execution. The vulnerability allows an authenticated, local attacker to run arbitrary code without user interaction, with high impact on confidenti...
CVE-2026-45458
Microsoft Office (including Outlook and Word) is affected by CVE-2026-45458 due to a type-confusion in resource access, enabling local code execution. The vulnerability arises when an incompatible type is accessed, with a local attack vector, no user interaction, and no privileges required. The C...
CVE-2026-45463
CVE-2026-45463 describes a heap-based buffer overflow in Microsoft Office that allows an attacker with local access to execute code on the affected system. The sources identify Microsoft Office and classify the flaw as a heap-based overflow with high impact (CVSSv3.1: 8.4, LOCAL access, no user i...
CVE-2026-44819
CVE-2026-44819 affects Microsoft Office and is described as a heap-based buffer overflow that allows a local attacker to execute code. The vulnerability is characterized by a LOCAL attack vector, LOW attack complexity, and requires user interaction, with a high impact on confidentiality, integrit...
CVE-2026-44818
CVE-2026-44818 affects Microsoft Excel. A integer underflow (wrap/wraparound) in Excel is described as allowing an unauthorized attacker to execute code locally. The associated CVSS 3.1 vector indicates Local attack vector, high impact on confidentiality, integrity, and availability, with High pr...
CVE-2026-45474
The documents confirm CVE-2026-45474 is a Microsoft Office vulnerability described as a heap-based buffer overflow that allows an unauthenticated/unauthorized attacker to execute code locally on affected systems. Affected product is Microsoft Office, with the root cause identified as a heap-based...
CVE-2026-45469
CVE-2026-45469 affects Microsoft Excel (Office) and is caused by an integer underflow/wraparound in Excel. The vulnerability can allow a local attacker to execute code on the affected system; the CVSS indicates LOCAL access, required user interaction, and high impact to confidentiality, integrity...
CVE-2026-45455
CVE-2026-45455 is an Excel information-disclosure vulnerability (out-of-bounds read) in Microsoft Office Excel. The issue allows an unauthorized attacker to disclose information over a network. Multiple connected documents confirm the affected component as Microsoft Excel (Office) and attribute t...
CVE-2026-44817
CVE-2026-44817 is an Excel vulnerability: an integer underflow (wrap/wraparound) in Microsoft Excel could allow a local attacker to execute code. Exploitation details in the public metrics show local access with user interaction required and high impact on confidentiality, integrity, and availabi...
CVE-2026-45485
CVE-2026-45485: In Microsoft Office, an out-of-bounds read leads to local information disclosure. Documents confirm the vulnerability and its impact (local disclosure) with low severity (CVSS 3.1:3.3). Exploitation details and affected component/version specifics are not provided in the supplied ...
CVE-2026-44820
CVE-2026-44820 affects Microsoft Excel in Office. An integer underflow (wrap/wraparound) in Excel can allow a local attacker to execute code on the affected host. Exploitation requires local access and user interaction; no remote vector is indicated. The CVSS 3.1 base score is 7.8 (HIGH) with imp...
CVE-2026-45459
The CVE-2026-45459 entry concerns Microsoft Excel. A protection-mechanism failure in Excel is described as allowing a local attacker to bypass a security feature. According to the available data, the vulnerability has a low base score (CVSS 3.1: 3.3), with LOCAL attack vector, LOW attack complexi...
CVE-2026-45461
CVE-2026-45461 describes a heap-based buffer overflow in Microsoft Office that allows an unauthorized attacker to execute code locally. Documents confirm the vulnerability exists in Microsoft Office and indicate a local attack vector with high impact (C: HIGH, I: HIGH, A: HIGH) and a base score o...
CVE-2026-45645
The provided data identify CVE-2026-45645 as a heap-based buffer overflow affecting Microsoft Office, enabling local code execution. Details show an exploit would require user interaction and has a local attack surface (attackVector: LOCAL, userInteraction: REQUIRED) with high impacts on confiden...
CVE-2026-45472
CVE-2026-45472 is a heap-based buffer overflow in Microsoft Office that allows an unauthorized attacker to execute code locally. The connected sources (NVD, CVE listing) corroborate a local-execution impact due to a heap overflow in Office components. No explicit root-cause details beyond the hea...
CVE-2026-44822
CVE-2026-44822 describes an out-of-bounds read in Microsoft Office Excel that can allow an unauthenticated attacker to disclose information over the network. Affected product: Microsoft Excel within Office. Underlying cause is an out-of-bounds read; the CVSS 3.1 base score is 8.2 (High) with netw...
CVE-2026-44823
The CVE-2026-44823 entry concerns an integer underflow (wrap or wraparound) in Microsoft Office Excel that could allow an attacker to execute code locally. Affected product: Microsoft Excel within Microsoft Office. The vulnerability is described as enabling local code execution with attack vector...
CVE-2026-45466
CVE-2026-45466 : Heap-based buffer overflow in Microsoft Word can allow a local attacker to disclose information. Affected product: Microsoft Word (Office). Vulnerability type: heap-based overflow in Word’s handling of content. Impact: confidentiality leakage (low), local access required with use...
CVE-2026-44821
The CVE-2026-44821 entry concerns an out-of-bounds read in Microsoft Office that could allow a local attacker to disclose information. Affected software is Microsoft Office; the vulnerability is a read boundary issue in a component/file used by Office, enabling local information disclosure. The p...
CVE-2026-44824
CVE-2026-44824 affects Microsoft Office and is a heap-based buffer overflow that enables local code execution. The issue requires user interaction and has a CVSS v3.1 base score of 7.8 (HIGH) with LOCAL attack vector, no privileges required, and high impact on confidentiality, integrity, and avai...
CVE-2026-45457
CVE-2026-45457 affects Microsoft Word (Office). The vulnerability is a pointer dereference in Word that can allow a local attacker to execute code on the affected system after user interaction. Root cause is an untrusted pointer dereference in Word’s handling of certain content. The CVSS base met...
CVE-2026-45471
CVE-2026-45471 affects Microsoft Word and stems from an untrusted pointer dereference in Word’s runtime that can lead to local code execution. The CVSSv3.1 vector (L/Low complexity, no privileges required, user interaction required, local scope) yields a base score of 7.8 (HIGH). Documented impac...
CVE-2026-45460
CVE-2026-45460 is an information-disclosure vulnerability in Microsoft Office caused by an out-of-bounds read in a Microsoft Office component. It allows a local, unauthenticated attacker to disclose information (confidentiality impact). The CVSSv3.1 metrics indicate a Local attack vector, High ex...
CVE-2026-45486
CVE-2026-45486 concerns an untrusted pointer dereference in Microsoft Word that can allow a local attacker to execute code. The CVSS metrics indicate a HIGH base score (7.8) with LOCAL attack vector, LOW attack complexity, and user interaction required, privileges NONE, reflecting a local impact ...
CVE-2026-45475
This CVE (CVE-2026-45475) concerns a heap-based buffer overflow in Microsoft Office. The description indicates an unauthorized attacker could achieve local code execution, with user interaction required and high impact on confidentiality, integrity, and availability. The provided documents do not...
CVE-2026-45643
Summary of CVE-2026-45643 : Affected product is Microsoft Word (Office). The vulnerability is an untrusted pointer dereference in Word that allows an attacker to achieve local code execution on a vulnerable system with high impact (confidentiality, integrity, and availability). The CVSS-3.1 vecto...