{"resultsPerPage":18,"startIndex":0,"totalResults":18,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-14T01:57:32.937","vulnerabilities":[{"cve":{"id":"CVE-2026-6238","sourceIdentifier":"3ff69d7a-14f2-4f67-a097-88dee7810d18","published":"2026-04-28T19:37:47.523","lastModified":"2026-06-19T21:17:02.620","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory.\n\nThese functions are for application debugging only and hence not in the path of code executed by the DNS resolver.  Further, they have been deprecated since version 2.34 and should not be used by any new applications.  Applications should consider porting away from these interfaces since they may be removed in future versions."}],"affected":[{"source":"3ff69d7a-14f2-4f67-a097-88dee7810d18","affectedData":[{"vendor":"The GNU C Library","product":"glibc","defaultStatus":"affected","versions":[{"version":"2.0.1","lessThanOrEqual":"2.43","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T18:51:21.285963Z","id":"CVE-2026-6238","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"3ff69d7a-14f2-4f67-a097-88dee7810d18","type":"Secondary","description":[{"lang":"en","value":"CWE-126"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*","versionStartIncluding":"2.2","matchCriteriaId":"E6240DD2-E366-424F-BFA2-266E17793764"}]}]}],"references":[{"url":"https://inbox.sourceware.org/libc-announce/7a655d55-276f-41fe-b550-feb3ebb2ce91@redhat.com/T/#u","source":"3ff69d7a-14f2-4f67-a097-88dee7810d18","tags":["Third Party Advisory"]},{"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=34069","source":"3ff69d7a-14f2-4f67-a097-88dee7810d18","tags":["Issue Tracking"]}]}},{"cve":{"id":"CVE-2026-42915","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:11.780","lastModified":"2026-06-19T21:16:44.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T12:41:53.272664Z","id":"CVE-2026-42915","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-131"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42915","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44803","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:16.163","lastModified":"2026-06-19T21:16:47.350","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Excel for Android","versions":[{"version":"16.0.0.0","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft PowerPoint for Android","versions":[{"version":"16.0.0.0","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Word for Android","versions":[{"version":"16.0.0.0","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:55:20.566587Z","id":"CVE-2026-44803","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:-:*:*:*:*:android:*:*","matchCriteriaId":"6FD1530C-D7C3-4CC7-A805-ABAA146F1FD7"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:powerpoint:-:*:*:*:*:android:*:*","matchCriteriaId":"8E077913-6962-41DB-B2FF-86E1AC75B94B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:word:-:*:*:*:*:android:*:*","matchCriteriaId":"94ACF216-1A63-420C-B46F-C4BD1C054BCD"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:-:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"EC82C3C4-FCA5-4883-9B14-F5CD18666182"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:-:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"4722A8F2-4CA7-4893-940B-7484C47F5352"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:-:*:x64:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"CFA40C1D-0857-4B9A-92CB-5666E35062F2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44803","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44812","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:17.277","lastModified":"2026-06-19T21:16:47.943","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Excel for Android","versions":[{"version":"16.0.0.0","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft PowerPoint for Android","versions":[{"version":"16.0.0.0","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Word for Android","versions":[{"version":"16.0.0.0","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:55:19.450966Z","id":"CVE-2026-44812","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:-:*:*:*:*:android:*:*","matchCriteriaId":"6FD1530C-D7C3-4CC7-A805-ABAA146F1FD7"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:powerpoint:-:*:*:*:*:android:*:*","matchCriteriaId":"8E077913-6962-41DB-B2FF-86E1AC75B94B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:word:-:*:*:*:*:android:*:*","matchCriteriaId":"94ACF216-1A63-420C-B46F-C4BD1C054BCD"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:-:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"EC82C3C4-FCA5-4883-9B14-F5CD18666182"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:-:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"4722A8F2-4CA7-4893-940B-7484C47F5352"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:-:*:x64:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"CFA40C1D-0857-4B9A-92CB-5666E35062F2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44812","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44819","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:18.180","lastModified":"2026-06-19T21:16:48.630","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-05T00:00:00+00:00","id":"CVE-2026-44819","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*","matchCriteriaId":"45A9ECE7-F173-47AB-A420-0B6F64A04D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*","matchCriteriaId":"BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44819","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44821","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:18.443","lastModified":"2026-06-19T21:16:48.900","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:49:48.690924Z","id":"CVE-2026-44821","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*","matchCriteriaId":"45A9ECE7-F173-47AB-A420-0B6F64A04D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*","matchCriteriaId":"BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44821","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44822","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:18.580","lastModified":"2026-06-19T21:16:49.040","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Excel 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0.0","lessThan":"16.0.5556.1001","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Office Online Server","versions":[{"version":"16.0.0.0","lessThan":"16.0.10417.20137","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T14:11:20.230921Z","id":"CVE-2026-44822","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*","matchCriteriaId":"CD88F667-6773-4DB7-B6C3-9C7B769C0808"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*","matchCriteriaId":"B342EF98-B414-44D0-BAFB-FCA24294EECE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*","matchCriteriaId":"E98AE986-FA31-4301-8025-E8915BA4AC5E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44822","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44824","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:18.857","lastModified":"2026-06-19T21:16:49.310","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:19.447941Z","id":"CVE-2026-44824","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*","matchCriteriaId":"45A9ECE7-F173-47AB-A420-0B6F64A04D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*","matchCriteriaId":"BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44824","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45456","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:19.790","lastModified":"2026-06-19T21:16:49.690","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Word 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"16.0.5556.1000","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:17.462457Z","id":"CVE-2026-45456","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*","matchCriteriaId":"45A9ECE7-F173-47AB-A420-0B6F64A04D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*","matchCriteriaId":"BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45456","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45459","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:20.203","lastModified":"2026-06-19T21:16:50.080","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T14:22:49.681713Z","id":"CVE-2026-45459","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-693"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45459","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45466","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:21.077","lastModified":"2026-06-19T21:16:50.943","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:40:28.513794Z","id":"CVE-2026-45466","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45466","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45469","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:21.460","lastModified":"2026-06-19T21:16:51.197","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Excel 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0.0","lessThan":"16.0.5556.1001","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Office Online Server","versions":[{"version":"16.0.0.0","lessThan":"16.0.10417.20137","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-05T00:00:00+00:00","id":"CVE-2026-45469","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"},{"lang":"en","value":"CWE-191"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*","matchCriteriaId":"CD88F667-6773-4DB7-B6C3-9C7B769C0808"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*","matchCriteriaId":"B342EF98-B414-44D0-BAFB-FCA24294EECE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*","matchCriteriaId":"E98AE986-FA31-4301-8025-E8915BA4AC5E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45469","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45471","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:21.600","lastModified":"2026-06-19T21:16:51.330","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Word 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"16.0.5556.1000","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:21.698686Z","id":"CVE-2026-45471","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-822"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:x64:*","matchCriteriaId":"E1FE9E95-4874-46EF-AC93-9E485F7A2AC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:x86:*","matchCriteriaId":"38479B5D-66F9-4260-A18A-F6E3D9B6991E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45471","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45475","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:22.007","lastModified":"2026-06-19T21:16:51.727","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:20.606890Z","id":"CVE-2026-45475","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*","matchCriteriaId":"45A9ECE7-F173-47AB-A420-0B6F64A04D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*","matchCriteriaId":"BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45475","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45485","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:23.010","lastModified":"2026-06-19T21:16:52.410","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T20:05:44.587552Z","id":"CVE-2026-45485","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*","matchCriteriaId":"45A9ECE7-F173-47AB-A420-0B6F64A04D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*","matchCriteriaId":"BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45485","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45643","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:31.410","lastModified":"2026-06-19T21:16:56.097","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:24.965538Z","id":"CVE-2026-45643","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-822"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45643","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45649","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:32.040","lastModified":"2026-06-19T21:16:56.523","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Excel for Android","versions":[{"version":"16.0.0.0","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft PowerPoint for Android","versions":[{"version":"16.0.0.0","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Word for Android","versions":[{"version":"16.0.0.0","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:45.869711Z","id":"CVE-2026-45649","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:-:*:*:*:*:android:*:*","matchCriteriaId":"6FD1530C-D7C3-4CC7-A805-ABAA146F1FD7"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:powerpoint:-:*:*:*:*:android:*:*","matchCriteriaId":"8E077913-6962-41DB-B2FF-86E1AC75B94B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:word:-:*:*:*:*:android:*:*","matchCriteriaId":"94ACF216-1A63-420C-B46F-C4BD1C054BCD"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45649","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-11527","sourceIdentifier":"9b29abf9-4ab0-4765-b253-1875cd9b441e","published":"2026-06-14T12:16:23.357","lastModified":"2026-06-19T21:16:40.633","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_filehandle.\n\nConfig::IniFiles::_make_filehandle opens a filename argument with Perl's 2-arg open(), so a filename that begins or ends with a pipe (\"| cmd\", \"cmd |\") or begins with a redirect (\"> path\", \">> path\") is run as a command or redirect rather than opened as a file. The helper is the open path behind the documented -file argument: new(-file => $thing) reaches it through ReadConfig. An in-memory scalar reference (-file => \\$text) does not open a path and is unaffected.\n\nAny caller that forwards untrusted input to the -file argument can run an arbitrary command or truncate a file under the process UID."}],"affected":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","affectedData":[{"vendor":"SHLOMIF","product":"Config::IniFiles","defaultStatus":"unaffected","collectionURL":"https://cpan.org/modules","packageName":"Config-IniFiles","programFiles":["lib/Config/IniFiles.pm"],"programRoutines":[{"name":"Config::IniFiles::_make_filehandle"}],"repo":"https://github.com/shlomif/perl-Config-IniFiles","versions":[{"version":"0","lessThan":"3.001000","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-15T18:52:43.717589Z","id":"CVE-2026-11527","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","type":"Secondary","description":[{"lang":"en","value":"CWE-73"},{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/shlomif/perl-Config-IniFiles/commit/3e48f9627fbba4dae5de35be1f735cdeb7e47fb8.patch","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://metacpan.org/release/SHLOMIF/Config-IniFiles-3.001000/changes","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"http://www.openwall.com/lists/oss-security/2026/06/14/5","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2026/06/msg00026.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}