VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 8, 2025· Updated Feb 13, 2026

Microsoft Office Remote Code Execution Vulnerability

CVE-2025-26642

Description

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

Affected products

13
  • Microsoft/Officellm-fuzzy3 versions
    (expand)+ 2 more
    • (no CPE)
    • (no CPE)range: 16.0.1
    • (no CPE)range: 16.0.0
  • Microsoft/Microsoft 365 Apps for Enterprisev5
    Range: 16.0.1
  • Microsoft/Microsoft Access 2016v5
    Range: 16.0.0
  • Microsoft/Microsoft Access 2016 (32-bit edition)v5
    Range: 16.0.0
  • Microsoft/Excel 2007cpe-rescue
    Range: 16.0.0.0
  • Microsoft/Office Visiocpe-rescue2 versions
    16.0.0+ 1 more
    • (no CPE)range: 16.0.0
    • (no CPE)range: 19.0.0
  • Microsoft/Microsoft Office LTSC for Mac 2021v5
    Range: 16.0.1
  • Microsoft/Microsoft Office LTSC for Mac 2024v5
    Range: 16.0.0
  • Microsoft/Microsoft SharePoint Server 2019v5
    Range: 16.0.0
  • Microsoft/Office Online Servercpe-rescue
    Range: 16.0.0.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.