8.4

CVE-2026-45463

Medienbericht

Microsoft Office Remote Code Execution Vulnerability

Integer underflow (wrap or wraparound) in Microsoft Office allows an unauthorized attacker to execute code locally.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft365 Apps Version- SwEditionenterprise HwPlatformx64
Microsoft365 Apps Version- SwEditionenterprise HwPlatformx86
Microsoft365 Copilot SwPlatformandroid
MicrosoftMicrosoft 365 Version- SwPlatformmacos
MicrosoftOffice 2016 Version- SwEdition- HwPlatformx64
MicrosoftOffice 2016 Version- SwEdition- HwPlatformx86
MicrosoftOffice 2019 Version- HwPlatformx64
MicrosoftOffice 2019 Version- HwPlatformx86
MicrosoftOffice 2021 Version- SwEditionltsc SwPlatform- HwPlatformx64
MicrosoftOffice 2021 Version- SwEditionltsc SwPlatform- HwPlatformx86
MicrosoftOffice 2021 Version- SwEditionltsc SwPlatformmacos HwPlatform-
MicrosoftOffice 2024 Version- SwEditionltsc SwPlatform- HwPlatformx64
MicrosoftOffice 2024 Version- SwEditionltsc SwPlatform- HwPlatformx86
MicrosoftOffice 2024 Version- SwEditionltsc SwPlatformmacos HwPlatform-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.34% 0.256
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secure@microsoft.com 8.4 2.5 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CWE-191 Integer Underflow (Wrap or Wraparound)

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
10.06.2026 18:13
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
09.06.2026 20:12
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45463
Vendor Advisory