CVE-2026-45453
- EPSS 0.51%
- Veröffentlicht 09.06.2026 17:17:19
- Zuletzt bearbeitet 09.07.2026 00:17:13
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-45454
- EPSS 1.63%
- Veröffentlicht 09.06.2026 17:17:19
- Zuletzt bearbeitet 10.06.2026 20:31:21
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-45456
- EPSS 0.44%
- Veröffentlicht 09.06.2026 17:17:19
- Zuletzt bearbeitet 11.06.2026 18:40:05
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-44819
- EPSS 0.46%
- Veröffentlicht 09.06.2026 17:17:18
- Zuletzt bearbeitet 11.06.2026 18:39:56
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-44821
- EPSS 0.47%
- Veröffentlicht 09.06.2026 17:17:18
- Zuletzt bearbeitet 11.06.2026 18:40:00
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-44824
- EPSS 0.46%
- Veröffentlicht 09.06.2026 17:17:18
- Zuletzt bearbeitet 11.06.2026 18:40:02
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-33113
- EPSS 0.52%
- Veröffentlicht 09.06.2026 17:17:04
- Zuletzt bearbeitet 09.07.2026 00:17:04
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
- EPSS 0.64%
- Veröffentlicht 01.06.2026 18:26:43
- Zuletzt bearbeitet 03.06.2026 18:42:52
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-45659
- EPSS 3.22%
- Veröffentlicht 22.05.2026 22:04:33
- Zuletzt bearbeitet 02.07.2026 12:16:47
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-40367
- EPSS 0.45%
- Veröffentlicht 12.05.2026 16:59:20
- Zuletzt bearbeitet 01.06.2026 19:16:34
Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.