7
CVE-2026-44818
- EPSS 0.26%
- Veröffentlicht 09.06.2026 17:17:18
- Zuletzt bearbeitet 09.07.2026 00:17:12
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft Excel Remote Code Execution Vulnerability
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Microsoft 365 Version- SwPlatformmacos
Microsoft ≫ Office 2019 Version- HwPlatformx64
Microsoft ≫ Office 2019 Version- HwPlatformx86
Microsoft ≫ Office 2021 Version- SwEditionltsc SwPlatform- HwPlatformx64
Microsoft ≫ Office 2021 Version- SwEditionltsc SwPlatform- HwPlatformx86
Microsoft ≫ Office 2021 Version- SwEditionltsc SwPlatformmacos HwPlatform-
Microsoft ≫ Office 2024 Version- SwEditionltsc SwPlatform- HwPlatformx64
Microsoft ≫ Office 2024 Version- SwEditionltsc SwPlatform- HwPlatformx86
Microsoft ≫ Office 2024 Version- SwEditionltsc SwPlatformmacos HwPlatform-
Microsoft ≫ Office Online Server Version-
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.175 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44818