CVE-2026-33822

Severity

6.1MEDIUM

EPSS

No EPSS data

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedApr 14

Description

Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:HExploitability: 1.8 | Impact: 4.2

▶CVEListV5microsoft/microsoft_365_apps_for_enterprise16.0.1 — https://aka.ms/OfficeSecurityReleases

VulDB

Microsoft Office LTSC Word out-of-bounds↗2026-04-14

▶

CVEList

Microsoft Word Information Disclosure Vulnerability↗2026-04-14

▶