Microsoft Outlook 2016 vulnerabilities
24 known vulnerabilities affecting microsoft/microsoft_outlook_2016.
Total CVEs
24
CISA KEV
2
actively exploited
Public exploits
2
Exploited in wild
2
Severity breakdown
CRITICAL1HIGH15MEDIUM8
Vulnerabilities
Page 1 of 2
CVE-2026-21260HIGHCVSS 7.5≥ 16.0.0.0, < 16.0.5539.10022026-02-10
CVE-2026-21260 [HIGH] CWE-200 CVE-2026-21260: Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an una
Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.
cvelistv5nvd
CVE-2025-49699HIGHCVSS 7.0≥ 16.0.0.0, < 16.0.5508.10022025-07-08
CVE-2025-49699 [HIGH] CWE-416 CVE-2025-49699: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
cvelistv5nvd
CVE-2025-47171MEDIUMCVSS 6.7PoC≥ 16.0.0.0, < 16.0.5504.10002025-06-10
CVE-2025-47171 [MEDIUM] CWE-20 CVE-2025-47171: Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code
Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.
cvelistv5nvd
CVE-2025-21357MEDIUMCVSS 6.7≥ 16.0.0.0, < 16.0.5483.10002025-01-14
CVE-2025-21357 [MEDIUM] CWE-908 CVE-2025-21357: Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2024-38173MEDIUMCVSS 6.7≥ 16.0.0.0, < 16.0.5461.10012024-08-13
CVE-2024-38173 [MEDIUM] CWE-73 CVE-2024-38173: Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2024-38020MEDIUMCVSS 6.5≥ 16.0.0.0, < 16.0.5456.10002024-07-09
CVE-2024-38020 [MEDIUM] CWE-200 Microsoft Outlook Spoofing Vulnerability
Microsoft Outlook Spoofing Vulnerability
Microsoft Outlook Spoofing Vulnerability
cvelistv5
CVE-2024-30103HIGHCVSS 8.8≥ 16.0.0.0, < 16.0.5452.10002024-06-11
CVE-2024-30103 [HIGH] CWE-184 CVE-2024-30103: Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2024-21378HIGHCVSS 8.8≥ 16.0.0.0, < 16.0.5435.10002024-02-13
CVE-2024-21378 [HIGH] CWE-94 CVE-2024-21378: Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2023-36763HIGHCVSS 7.5≥ 16.0.0.0, < 16.0.5413.10002023-09-12
CVE-2023-36763 [HIGH] CWE-200 CVE-2023-36763: Microsoft Outlook Information Disclosure Vulnerability
Microsoft Outlook Information Disclosure Vulnerability
cvelistv5nvd
CVE-2023-36893MEDIUMCVSS 6.5≥ 16.0.0.0, < 16.0.5408.10002023-08-08
CVE-2023-36893 [MEDIUM] CWE-20 Microsoft Outlook Spoofing Vulnerability
Microsoft Outlook Spoofing Vulnerability
Microsoft Outlook Spoofing Vulnerability
cvelistv5
CVE-2023-35311HIGHCVSS 7.5KEV≥ 16.0.0.0, < 16.0.5404.10002023-07-11
CVE-2023-35311 [HIGH] CWE-367 CVE-2023-35311: Microsoft Outlook Security Feature Bypass Vulnerability
Microsoft Outlook Security Feature Bypass Vulnerability
cvelistv5nvd
CVE-2023-33151MEDIUMCVSS 6.5≥ 16.0.0.0, < 16.0.5404.10002023-07-11
CVE-2023-33151 [MEDIUM] Microsoft Outlook Spoofing Vulnerability
Microsoft Outlook Spoofing Vulnerability
Microsoft Outlook Spoofing Vulnerability
cvelistv5
CVE-2023-33131HIGHCVSS 8.8PoC≥ 16.0.0.0, < 16.0.5400.10002023-06-14
CVE-2023-33131 [HIGH] CWE-94 CVE-2023-33131: Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2022-35742HIGHCVSS 7.5≥ 16.0.0.0, < 16.0.4966.10002023-06-01
CVE-2022-35742 [HIGH] Microsoft Outlook Denial of Service Vulnerability
Microsoft Outlook Denial of Service Vulnerability
Microsoft Outlook Denial of Service Vulnerability
cvelistv5
CVE-2023-23397CRITICALCVSS 9.8KEV≥ 16.0.0.0, < 16.0.5387.10002023-03-14
CVE-2023-23397 [CRITICAL] CWE-20 CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability
Microsoft Outlook Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2021-31949HIGHCVSS 7.8≥ 16.0.0.0, < 16.0.5356.1000.2021-06-08
CVE-2021-31949 [HIGH] CWE-94 CVE-2021-31949: Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2021-28452HIGHCVSS 7.1≥ 16.0.0.0, < publication2021-04-13
CVE-2021-28452 [HIGH] Microsoft Outlook Memory Corruption Vulnerability
Microsoft Outlook Memory Corruption Vulnerability
Microsoft Outlook Memory Corruption Vulnerability
cvelistv5
CVE-2020-17119HIGHCVSS 7.5≥ 16.0.0.0, < publication2020-12-10
CVE-2020-17119 [MEDIUM] CVE-2020-17119: Microsoft Outlook Information Disclosure Vulnerability
Microsoft Outlook Information Disclosure Vulnerability
cvelistv5nvd
CVE-2020-16949HIGHCVSS 7.5≥ 16.0.0.0, < publication2020-10-16
CVE-2020-16949 [MEDIUM] CWE-401 CVE-2020-16949: <p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to
A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.
Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outloo
cvelistv5nvd
CVE-2020-16947HIGHCVSS 8.8≥ 16.0.0.0, < publication2020-10-16
CVE-2020-16947 [HIGH] CWE-125 CVE-2020-16947: <p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fail
A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the targeted user. If the targeted user is logged on with administrative user rights, an attacker could take control
cvelistv5nvd
1 / 2Next →