CVE-2026-42831
published 2026-05-12CVE-2026-42831: Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_office_for_android | >= 16.0.1 < 16.0.19822.20190 | 16.0.19822.20190 |
| microsoft | microsoft_office_ltsc_for_mac_2021 | >= 16.0.1 < 16.109.26051019 | 16.109.26051019 |
| microsoft | microsoft_office_ltsc_for_mac_2024 | >= 16.0.0 < 16.109.26051019 | 16.109.26051019 |
| microsoft | office | < 16.0.19822.20190 | 16.0.19822.20190 |
| microsoft | office | — | — |
| microsoft | office_long_term_servicing_channel | — | — |