Microsoft Onenote vulnerabilities
3 known vulnerabilities affecting microsoft/microsoft_onenote.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3
Vulnerabilities
Page 1 of 1
CVE-2026-26133HIGHCVSS 7.1≥ 1.0.0, < 2.106.260206172026-03-16
CVE-2026-26133 [HIGH] CWE-77 CVE-2026-26133: AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
cvelistv5nvd
CVE-2025-29822HIGHCVSS 7.8≥ 1.0.0, < 16.96.250330282025-04-08
CVE-2025-29822 [HIGH] CWE-184 CVE-2025-29822: Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to
Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
cvelistv5nvd
CVE-2025-21402HIGHCVSS 7.8≥ 1.0.0, < 16.92.241207312025-01-14
CVE-2025-21402 [HIGH] CWE-641 CVE-2025-21402: Microsoft Office OneNote Remote Code Execution Vulnerability
Microsoft Office OneNote Remote Code Execution Vulnerability
cvelistv5nvd