Search
Search Results (500 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-40366 | 1 Microsoft | 10 365 Apps, Office, Office 2019 and 7 more | 2026-05-19 | 8.4 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-40418 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2026-05-19 | 7.8 High |
| Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-40419 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2026-05-19 | 7.8 High |
| Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-40420 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2026-05-19 | 8.8 High |
| Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-41100 | 1 Microsoft | 3 365 Copilot, 365 Copilot Android, 365 Copilot Android | 2026-05-16 | 4.4 Medium |
| Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally. | ||||
| CVE-2026-41614 | 1 Microsoft | 2 365 Copilot, 365 Copilot For Desktop | 2026-05-14 | 6.2 Medium |
| Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally. | ||||
| CVE-2026-26129 | 1 Microsoft | 2 365 Copilot Business Chat, 365 Copilot Chat | 2026-05-08 | 7.5 High |
| Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-26164 | 1 Microsoft | 2 365 Copilot Business Chat, 365 Copilot Chat | 2026-05-08 | 7.5 High |
| Improper neutralization of special elements in output used by a downstream component ('injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-33822 | 1 Microsoft | 4 365 Apps, Office Long Term Servicing Channel, Office Macos 2021 and 1 more | 2026-04-29 | 6.1 Medium |
| Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-33114 | 1 Microsoft | 6 365 Apps, Office 2021, Office 2024 and 3 more | 2026-04-29 | 8.4 High |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-33095 | 1 Microsoft | 6 365 Apps, Office 2021, Office 2024 and 3 more | 2026-04-29 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-33115 | 1 Microsoft | 6 365 Apps, Office 2021, Office 2024 and 3 more | 2026-04-29 | 8.4 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-32189 | 1 Microsoft | 12 365 Apps, Excel, Excel 2016 and 9 more | 2026-04-29 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-32188 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-04-29 | 7.1 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-23657 | 1 Microsoft | 4 365 Apps, Microsoft 365 Apps For Enterprise, Office 2024 and 1 more | 2026-04-29 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-32190 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2026-04-29 | 8.4 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-33102 | 1 Microsoft | 1 365 Copilot | 2026-04-29 | 9.3 Critical |
| Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-32198 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-04-28 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-32197 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-04-28 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-32199 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-04-28 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||