CVE-2025-53736: Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

medium6.2CVSS 3.1

AVLACLPRNUINSUCHINAN

Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

Affected

28 ranges· showing 25

Vendor	Product	Version range	Fixed in
microsoft	microsoft_365_apps_for_enterprise	>= 16.0.1 < https://aka.ms/OfficeSecurityReleases	https://aka.ms/OfficeSecurityReleases
microsoft	microsoft_office_2019	>= 19.0.0 < https://aka.ms/OfficeSecurityReleases	https://aka.ms/OfficeSecurityReleases
microsoft	microsoft_office_ltsc_2021	>= 16.0.1 < https://aka.ms/OfficeSecurityReleases	https://aka.ms/OfficeSecurityReleases
microsoft	microsoft_office_ltsc_2024	>= 16.0.0 < https://aka.ms/OfficeSecurityReleases	https://aka.ms/OfficeSecurityReleases
microsoft	microsoft_office_ltsc_for_mac_2021	>= 16.0.1 < 16.100.25081015	16.100.25081015
microsoft	microsoft_office_ltsc_for_mac_2024	>= 16.0.0 < 16.100.25081015	16.100.25081015
microsoft	microsoft_sharepoint_enterprise_server_2016	>= 16.0.0 < 16.0.5513.1002	16.0.5513.1002
microsoft	microsoft_sharepoint_server_2019	>= 16.0.0 < 16.0.10417.20041	16.0.10417.20041
microsoft	microsoft_word_2016	>= 16.0.1 < 16.0.5513.1000	16.0.5513.1000
microsoft	office	—	—
microsoft	office_long_term_servicing_channel	—	—
microsoft	office_long_term_servicing_channel	—	—
microsoft	sharepoint_enterprise_server	—	—
microsoft	sharepoint_server	—	—
microsoft	word	—	—
msrc	microsoft_365_apps_for_enterprise_for_32-bit_systems	—	—
msrc	microsoft_365_apps_for_enterprise_for_64-bit_systems	—	—
msrc	microsoft_office_2019_for_32-bit_editions	—	—
msrc	microsoft_office_2019_for_64-bit_editions	—	—
msrc	microsoft_office_ltsc_2021_for_32-bit_editions	—	—
msrc	microsoft_office_ltsc_2021_for_64-bit_editions	—	—
msrc	microsoft_office_ltsc_2024_for_32-bit_editions	—	—
msrc	microsoft_office_ltsc_2024_for_64-bit_editions	—	—
msrc	microsoft_office_ltsc_for_mac_2021	—	—
msrc	microsoft_office_ltsc_for_mac_2024	—	—