VYPR
High severity7.7NVD Advisory· Published May 12, 2026· Updated May 19, 2026

CVE-2026-42832

CVE-2026-42832

Description

Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.

Affected products

5
  • cpe:2.3:a:microsoft:excel:*:*:*:*:*:android:*:*
    Range: <16.0.19822.20190
  • Microsoft/Office2 versions
    cpe:2.3:a:microsoft:office:2024:*:*:*:ltsc:macos:*:*+ 1 more
    • cpe:2.3:a:microsoft:office:2024:*:*:*:ltsc:macos:*:*
    • (no CPE)
  • cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
  • cpe:2.3:a:microsoft:word:*:*:*:*:*:android:*:*
    Range: <16.0.19822.20190

Patches

Vulnerability mechanics

References

1

News mentions

4