cbcvebase.

Microsoft Excel vulnerabilities

400 known vulnerabilities affecting microsoft/excel.

Total CVEs
400
CISA KEV
6
actively exploited
Public exploits
34
Exploited in wild
9
Severity breakdown
CRITICAL128HIGH220MEDIUM52

Vulnerabilities

Page 4 of 20
CVE-2025-32704HIGHCVSS 7.8v20162025-05-13
CVE-2025-32704 [HIGH] CWE-126 CVE-2025-32704: Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-30381HIGHCVSS 7.8v20162025-05-13
CVE-2025-30381 [HIGH] CWE-125 CVE-2025-30381: Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-30376HIGHCVSS 7.8v20162025-05-13
CVE-2025-30376 [HIGH] CWE-122 CVE-2025-30376: Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-29977HIGHCVSS 7.8v20162025-05-13
CVE-2025-29977 [HIGH] CWE-416 CVE-2025-29977: Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-29979HIGHCVSS 7.8v20162025-05-13
CVE-2025-29979 [HIGH] CWE-122 CVE-2025-29979: Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-27751HIGHCVSS 7.8PoCv20162025-04-08
CVE-2025-27751 [HIGH] CWE-416 CVE-2025-27751: Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-26642HIGHCVSS 7.8v20162025-04-08
CVE-2025-26642 [HIGH] CWE-125 CVE-2025-26642: Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-27750HIGHCVSS 7.8v20162025-04-08
CVE-2025-27750 [HIGH] CWE-416 CVE-2025-27750: Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-24081HIGHCVSS 7.8v20162025-03-11
CVE-2025-24081 [HIGH] CWE-416 CVE-2025-24081: Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-24082HIGHCVSS 7.8v20162025-03-11
CVE-2025-24082 [HIGH] CWE-416 CVE-2025-24082: Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-24075HIGHCVSS 7.8v20162025-03-11
CVE-2025-24075 [HIGH] CWE-121 CVE-2025-24075: Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute cod Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-21387HIGHCVSS 7.8v20162025-02-11
CVE-2025-21387 [HIGH] CWE-416 CVE-2025-21387: Microsoft Excel Remote Code Execution Vulnerability Microsoft Excel Remote Code Execution Vulnerability
nvd
CVE-2025-21390HIGHCVSS 7.8v20162025-02-11
CVE-2025-21390 [HIGH] CWE-122 CVE-2025-21390: Microsoft Excel Remote Code Execution Vulnerability Microsoft Excel Remote Code Execution Vulnerability
nvd
CVE-2025-21386HIGHCVSS 7.8v20162025-02-11
CVE-2025-21386 [HIGH] CWE-416 CVE-2025-21386: Microsoft Excel Remote Code Execution Vulnerability Microsoft Excel Remote Code Execution Vulnerability
nvd
CVE-2025-21381HIGHCVSS 7.8v20162025-02-11
CVE-2025-21381 [HIGH] CWE-822 CVE-2025-21381: Microsoft Excel Remote Code Execution Vulnerability Microsoft Excel Remote Code Execution Vulnerability
nvd
CVE-2025-21394HIGHCVSS 7.8v20162025-02-11
CVE-2025-21394 [HIGH] CWE-416 CVE-2025-21394: Microsoft Excel Remote Code Execution Vulnerability Microsoft Excel Remote Code Execution Vulnerability
nvd
CVE-2025-21383MEDIUMCVSS 5.5v20162025-02-11
CVE-2025-21383 [MEDIUM] CWE-125 CVE-2025-21383: Microsoft Excel Information Disclosure Vulnerability Microsoft Excel Information Disclosure Vulnerability
nvd
CVE-2025-21362HIGHCVSS 8.4v20162025-01-14
CVE-2025-21362 [HIGH] CWE-416 CVE-2025-21362: Microsoft Excel Remote Code Execution Vulnerability Microsoft Excel Remote Code Execution Vulnerability
nvd
CVE-2024-43106CRITICALCVSS 9.1v16.83v16.83 for macOS2024-12-18
CVE-2024-43106 [CRITICAL] CWE-347 CVE-2024-43106: A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted lib A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted library can leverage Excel's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
nvd
CVE-2024-49069HIGHCVSS 7.8v20162024-12-12
CVE-2024-49069 [HIGH] CWE-416 CVE-2024-49069: Microsoft Excel Remote Code Execution Vulnerability Microsoft Excel Remote Code Execution Vulnerability
nvd
← Previous4 / 20Next →
Microsoft Excel vulnerabilities | cvebase