CVE-2026-33114
published 2026-04-14CVE-2026-33114: Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
high8.4CVSS 3.1
AVLACLPRNUINSUCHIHAH
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_365_apps_for_enterprise | >= 16.0.1 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_2021 | >= 16.0.1 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_2024 | >= 16.0.0 < https://aka.ms/OfficeSecurityReleases | https://aka.ms/OfficeSecurityReleases |
| microsoft | microsoft_office_ltsc_for_mac_2021 | >= 16.0.1 < 16.108.26041219 | 16.108.26041219 |
| microsoft | microsoft_office_ltsc_for_mac_2024 | >= 16.0.0 < 16.108.26041219 | 16.108.26041219 |
| microsoft | office_long_term_servicing_channel | — | — |
| microsoft | office_long_term_servicing_channel | — | — |