CVE-2026-42832
published 2026-05-12CVE-2026-42832: Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.
medium5.5CVSS 3.1
AVLACLPRLUINSUCNIHAN
Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | excel | < 16.0.19822.20190 | 16.0.19822.20190 |
| microsoft | microsoft_excel_for_android | >= 16.0.0.0 < 16.0.19822.20190 | 16.0.19822.20190 |
| microsoft | microsoft_office_ltsc_for_mac_2021 | >= 16.0.1 < 16.109.26051019 | 16.109.26051019 |
| microsoft | microsoft_office_ltsc_for_mac_2024 | >= 16.0.0 < 16.109.26051019 | 16.109.26051019 |
| microsoft | microsoft_word_for_android | >= 16.0.0.0 < 16.0.19822.20190 | 16.0.19822.20190 |
| microsoft | office | — | — |
| microsoft | office_long_term_servicing_channel | — | — |
| microsoft | word | < 16.0.19822.20190 | 16.0.19822.20190 |