office online server (microsoft) — Vulnerabilities

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-44822HIGH 8.2

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

CVE-2026-44820HIGH 7.8

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-44818HIGH 7.0

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-44817HIGH 7.8

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-40362HIGH 7.8

May 12, 2026

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-40360HIGH 7.8

May 12, 2026

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-40359HIGH 7.8

May 12, 2026

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-32199HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-32198HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-32197HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-32189HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-32188HIGH 7.1

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-26112HIGH 7.8

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-26109HIGH 8.4

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-26108HIGH 7.8

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-26107HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-21261MEDIUM 5.5

Feb 10, 2026

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-21259HIGH 7.8

Feb 10, 2026

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.

CVE-2026-21258MEDIUM 5.5

Feb 10, 2026

Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-20957HIGH 7.8

Jan 13, 2026

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-20955HIGH 7.8

Jan 13, 2026

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-20950HIGH 7.8

Jan 13, 2026

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62564HIGH 7.8

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62563HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62561HIGH 7.8

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62560HIGH 7.8

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62556HIGH 7.8

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62203HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62202HIGH 7.1

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2025-62201HIGH 7.8

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62200HIGH 7.8

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-60727HIGH 7.8

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-60726HIGH 7.1

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2025-59236HIGH 8.4

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-59235HIGH 7.1

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2025-59233HIGH 7.8

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-59232HIGH 7.1

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2025-59231HIGH 7.8

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-59225HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-59224HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-59223HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-54904HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-54903HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-54902HIGH 7.8

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-54900HIGH 7.8

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-54898HIGH 7.8

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-54896HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-53759HIGH 7.8

Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-53741HIGH 7.8

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-53739HIGH 7.8

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-53737HIGH 7.8

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-53735HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-49711HIGH 7.8

Jul 8, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-49697HIGH 8.4

Jul 8, 2025

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-48812MEDIUM 5.5

Jul 8, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2025-47165HIGH 7.8

Jun 10, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-30383HIGH 7.8

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-30381HIGH 7.8

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-30379HIGH 7.8

Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-30377HIGH 8.4

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-30376HIGH 7.8

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-30375HIGH 7.8

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-29979HIGH 7.8

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-29977HIGH 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-27751HIGH 7.8

Apr 8, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-27746HIGH 7.8

Apr 8, 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-26642HIGH 7.8

Apr 8, 2025

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-24082HIGH 7.8

Mar 11, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-24081HIGH 7.8

Mar 11, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-24075HIGH 7.8

Mar 11, 2025

Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-21394HIGH 7.8

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21390HIGH 7.8

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21387HIGH 7.8

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21386HIGH 7.8

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21381HIGH 7.8

CVE-2023-21716CRITICAL 9.8

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21362HIGH 8.4

Jan 14, 2025

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21354HIGH 8.4

Jan 14, 2025

Microsoft Excel Remote Code Execution Vulnerability

CVE-2024-49026HIGH 7.8

Nov 12, 2024

Microsoft Excel Remote Code Execution Vulnerability

CVE-2024-43465HIGH 7.8

Sep 10, 2024

Microsoft Excel Elevation of Privilege Vulnerability

CVE-2024-30042HIGH 7.8

May 14, 2024

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-36766HIGH 7.8

Sep 12, 2023

Microsoft Excel Information Disclosure Vulnerability

CVE-2023-36896HIGH 7.8

Aug 8, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-35371HIGH 7.8

Aug 8, 2023

Microsoft Office Remote Code Execution Vulnerability

CVE-2023-33162MEDIUM 5.5

Jul 11, 2023

Microsoft Excel Information Disclosure Vulnerability

CVE-2023-33137HIGH 7.8

Jun 13, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-33133HIGH 7.8

Jun 13, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-32029HIGH 7.8

Jun 13, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-24953HIGH 7.8

May 9, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-23399HIGH 7.8

Mar 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-23396MEDIUM 6.5

Mar 14, 2023

Microsoft Excel Denial of Service Vulnerability

Feb 14, 2023

Microsoft Word Remote Code Execution Vulnerability

CVE-2022-41106HIGH 8.8

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-41103MEDIUM 5.5

Microsoft Word Information Disclosure Vulnerability

CVE-2022-41063HIGH 7.8

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-41061HIGH 7.8

Microsoft Word Remote Code Execution Vulnerability

CVE-2022-41060MEDIUM 5.5