cbcvebase.
CVE-2025-26630
published 2025-03-11

CVE-2025-26630: Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.

Affected

18 ranges
VendorProductVersion rangeFixed in
microsoftaccess
microsoftmicrosoft_365_apps_for_enterprise>= 16.0.1 < https://aka.ms/OfficeSecurityReleaseshttps://aka.ms/OfficeSecurityReleases
microsoftmicrosoft_access_2016>= 16.0.0 < 16.0.5491.100116.0.5491.1001
microsoftmicrosoft_office_2019>= 19.0.0 < https://aka.ms/OfficeSecurityReleaseshttps://aka.ms/OfficeSecurityReleases
microsoftmicrosoft_office_ltsc_2021>= 16.0.1 < https://aka.ms/OfficeSecurityReleaseshttps://aka.ms/OfficeSecurityReleases
microsoftmicrosoft_office_ltsc_2024>= 16.0.0 < https://aka.ms/OfficeSecurityReleaseshttps://aka.ms/OfficeSecurityReleases
microsoftoffice
microsoftoffice_long_term_servicing_channel
microsoftoffice_long_term_servicing_channel
msrcmicrosoft_365_apps_for_enterprise_for_32-bit_systems
msrcmicrosoft_365_apps_for_enterprise_for_64-bit_systems
msrcmicrosoft_access_2016
msrcmicrosoft_office_2019_for_32-bit_editions
msrcmicrosoft_office_2019_for_64-bit_editions
msrcmicrosoft_office_ltsc_2021_for_32-bit_editions
msrcmicrosoft_office_ltsc_2021_for_64-bit_editions
msrcmicrosoft_office_ltsc_2024_for_32-bit_editions
msrcmicrosoft_office_ltsc_2024_for_64-bit_editions