CVE-2026-32188
published 2026-04-14CVE-2026-32188: Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
high7.1CVSS 3.1
AVLACLPRNUIRSUCHINAH
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | excel | — | — |
| microsoft | microsoft_365_apps_for_enterprise | >= 16.0.1 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_excel_2016 | >= 16.0.0.0 < 16.0.5548.1000 | 16.0.5548.1000 |
| microsoft | microsoft_office_2019 | >= 19.0.0 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_2021 | >= 16.0.1 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_2024 | >= 16.0.0 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_for_mac_2021 | >= 16.0.1 < 16.108.26041219 | 16.108.26041219 |
| microsoft | microsoft_office_ltsc_for_mac_2024 | >= 16.0.0 < 16.108.26041219 | 16.108.26041219 |
| microsoft | office | — | — |
| microsoft | office_long_term_servicing_channel | — | — |
| microsoft | office_long_term_servicing_channel | — | — |
| microsoft | office_online_server | >= 16.0.0.0 < 16.0.10417.20113 | 16.0.10417.20113 |