Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: office Clear
ID Title
CVE-2026-47293 Use-After-Free in microsoft (CVE-2026-47293)
vulnerability in microsoft (CVE-2026-47293). Successful exploitation can lead to full system takeover.
CVE-2026-42832 Vulnerability in microsoft (CVE-2026-42832)
vulnerability in microsoft (CVE-2026-42832). Confidential information can be exposed externally.
CVE-2026-42831 Vulnerability in microsoft (CVE-2026-42831)
vulnerability in microsoft (CVE-2026-42831). Successful exploitation can lead to full system takeover.
CVE-2026-40418 Use-After-Free in microsoft (CVE-2026-40418)
vulnerability in microsoft (CVE-2026-40418). Successful exploitation can lead to full system takeover.
CVE-2026-40419 Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2026-40420 Vulnerability in microsoft (CVE-2026-40420)
vulnerability in microsoft (CVE-2026-40420). Successful exploitation can lead to full system takeover.
CVE-2026-40421 Vulnerability in microsoft (CVE-2026-40421)
vulnerability in microsoft (CVE-2026-40421). Risk of unauthorized operations or information disclosure.
CVE-2026-40367 Vulnerability in microsoft (CVE-2026-40367)
vulnerability in microsoft (CVE-2026-40367). Successful exploitation can lead to full system takeover.
CVE-2026-40360 Out-of-Bounds Read in microsoft (CVE-2026-40360)
vulnerability in microsoft (CVE-2026-40360). Successful exploitation can lead to full system takeover.
CVE-2026-40366 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-35440 Vulnerability in microsoft (CVE-2026-35440)
vulnerability in microsoft (CVE-2026-35440). Confidential information can be exposed externally.
CVE-2026-40362 Vulnerability in microsoft (CVE-2026-40362)
vulnerability in microsoft (CVE-2026-40362). Successful exploitation can lead to full system takeover.
CVE-2026-40363 Vulnerability in microsoft (CVE-2026-40363)
vulnerability in microsoft (CVE-2026-40363). Successful exploitation can lead to full system takeover.
CVE-2026-40364 Vulnerability in microsoft (CVE-2026-40364)
vulnerability in microsoft (CVE-2026-40364). Successful exploitation can lead to full system takeover.
CVE-2026-40359 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-40358 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-40361 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-35436 Vulnerability in microsoft (CVE-2026-35436)
vulnerability in microsoft (CVE-2026-35436). Successful exploitation can lead to full system takeover.
CVE-2009-0238 KEV [KEV] Code Injection in Microsoft office (CVE-2009-0238)
code injection in Microsoft office (CVE-2009-0238). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-26134 Vulnerability in microsoft (CVE-2026-26134)
vulnerability in microsoft (CVE-2026-26134). Successful exploitation can lead to full system takeover.
CVE-2026-26110 Vulnerability in microsoft (CVE-2026-26110)
vulnerability in microsoft (CVE-2026-26110). Successful exploitation can lead to full system takeover.
CVE-2026-25180 Out-of-Bounds Read in microsoft (CVE-2026-25180)
vulnerability in microsoft (CVE-2026-25180). Confidential information can be exposed externally.
CVE-2026-24285 Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
CVE-2026-21514 KEV [KEV] Vulnerability in Microsoft office (CVE-2026-21514)
vulnerability in Microsoft office (CVE-2026-21514). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-21509 KEV [KEV] Vulnerability in Microsoft office (CVE-2026-21509)
vulnerability in Microsoft office (CVE-2026-21509). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2009-0556 KEV [KEV] Code Injection in Microsoft office (CVE-2009-0556)
code injection in Microsoft office (CVE-2009-0556). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-62557 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-62554 Vulnerability in microsoft (CVE-2025-62554)
vulnerability in microsoft (CVE-2025-62554). Successful exploitation can lead to full system takeover.
CVE-2025-62199 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-60724 Vulnerability in microsoft (CVE-2025-60724)
vulnerability in microsoft (CVE-2025-60724). Successful exploitation can lead to full system takeover.
CVE-2025-59234 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-59227 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-53799 Vulnerability in microsoft (CVE-2025-53799)
vulnerability in microsoft (CVE-2025-53799). Confidential information can be exposed externally.
CVE-2025-53766 Vulnerability in microsoft (CVE-2025-53766)
vulnerability in microsoft (CVE-2025-53766). Successful exploitation can lead to full system takeover.
CVE-2025-53732 Vulnerability in microsoft (CVE-2025-53732)
vulnerability in microsoft (CVE-2025-53732). Successful exploitation can lead to full system takeover.
CVE-2025-49702 Vulnerability in microsoft (CVE-2025-49702)
vulnerability in microsoft (CVE-2025-49702). Successful exploitation can lead to full system takeover.
CVE-2025-49697 Vulnerability in microsoft (CVE-2025-49697)
vulnerability in microsoft (CVE-2025-49697). Successful exploitation can lead to full system takeover.
CVE-2025-49695 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49696 Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47953 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47167 Vulnerability in microsoft (CVE-2025-47167)
vulnerability in microsoft (CVE-2025-47167). Successful exploitation can lead to full system takeover.
CVE-2025-47164 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47162 Vulnerability in microsoft (CVE-2025-47162)
vulnerability in microsoft (CVE-2025-47162). Successful exploitation can lead to full system takeover.
CVE-2025-30388 Vulnerability in microsoft (CVE-2025-30388)
vulnerability in microsoft (CVE-2025-30388). Successful exploitation can lead to full system takeover.
CVE-2025-30386 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-26687 Use-After-Free in microsoft (CVE-2025-26687)
vulnerability in microsoft (CVE-2025-26687). Successful exploitation can lead to full system takeover.
CVE-2025-21402 Microsoft Office OneNote Remote Code Execution Vulnerability
Microsoft Office OneNote Remote Code Execution Vulnerability
CVE-2025-21361 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2025-21338 GDI+ Remote Code Execution Vulnerability
GDI+ Remote Code Execution Vulnerability
CVE-2024-30104 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →