📦

office

Vendor: microsoft

Login to add this product to WatchStack
Actively Exploited 36 CISA KEV List
PoC / Exploits 121 Code Available
Total RCEs 472 Remote Access
Total CVEs 9995 Total Indexed
Avg. EPSS 26.42% Exploit Prob.
Latest CVE CVE-2026-42832 May 12

Security Vulnerability Index

Page 1 / 1000
7.7 CVSS
CVE-2026-42832

Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.

EPSS: 0.05%
7.8 CVSS
CVE-2026-42831

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

EPSS: 0.06%
4.3 CVSS
CVE-2026-40421

Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

EPSS: 0.05%
8.8 CVSS
CVE-2026-40420

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

EPSS: 0.04%
7.8 CVSS
CVE-2026-40419

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

EPSS: 0.05%
7.8 CVSS
CVE-2026-40418

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

EPSS: 0.05%
8.4 CVSS
CVE-2026-40367

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

EPSS: 0.06%
8.4 CVSS
CVE-2026-40366

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

EPSS: 0.06%
8.4 CVSS
CVE-2026-40364

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

EPSS: 0.19%
8.4 CVSS
CVE-2026-40363

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

EPSS: 0.06%