Microsoft Powerpoint vulnerabilities

CVE-2026-41102 [MEDIUM] CWE-284 CVE-2026-41102: Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoo Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally.

CVE-2026-32200 [HIGH] CWE-416 CVE-2026-32200: Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locall Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2026-26133 [HIGH] CWE-77 CVE-2026-26133: AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

CVE-2025-59238 [HIGH] CWE-416 CVE-2025-59238: Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locall Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2025-54908 [HIGH] CWE-416 CVE-2025-54908: Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locall Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2025-53761 [HIGH] CWE-416 CVE-2025-53761: Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locall Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2025-49705 [HIGH] CWE-122 CVE-2025-49705: Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2025-49699 [HIGH] CWE-416 CVE-2025-49699: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-47175 [HIGH] CWE-416 CVE-2025-47175: Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locall Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2024-39804 [CRITICAL] CWE-347 CVE-2024-39804: A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially crafte A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially crafted library can leverage PowerPoint's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.

CVE-2024-38171 [HIGH] CWE-416 CVE-2024-38171: Microsoft PowerPoint Remote Code Execution Vulnerability Microsoft PowerPoint Remote Code Execution Vulnerability

CVE-2024-20673 [HIGH] CWE-693 CVE-2024-20673: Microsoft Office Remote Code Execution Vulnerability Microsoft Office Remote Code Execution Vulnerability

CVE-2021-27056 [HIGH] CVE-2021-27056: Microsoft PowerPoint Remote Code Execution Vulnerability Microsoft PowerPoint Remote Code Execution Vulnerability

CVE-2020-17124 [HIGH] CVE-2020-17124: Microsoft PowerPoint Remote Code Execution Vulnerability Microsoft PowerPoint Remote Code Execution Vulnerability

CVE-2020-0760 [HIGH] CVE-2020-0760: A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type l A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.

CVE-2019-1462 [HIGH] CWE-908 CVE-2019-1462: A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fail A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka 'Microsoft PowerPoint Remote Code Execution Vulnerability'.

CVE-2018-8628 [HIGH] CVE-2018-8628: A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fail A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft Sha

CVE-2018-8501 [HIGH] CVE-2018-8501: A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fail A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Office 365 ProPlus, PowerPoint Viewer, Microsoft Office, Microsoft PowerPoint.

CVE-2018-8376 [HIGH] CVE-2018-8376: A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fail A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft PowerPoint.

CVE-2017-8743 [HIGH] CVE-2017-8743: A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Ente A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8742.