Microsoft Word vulnerabilities
243 known vulnerabilities affecting microsoft/word.
Total CVEs
243
CISA KEV
10
actively exploited
Public exploits
16
Exploited in wild
11
Severity breakdown
CRITICAL79HIGH127MEDIUM35LOW2
Vulnerabilities
Page 1 of 13
CVE-2026-26133HIGHCVSS 7.1fixed in 2.106.2fixed in 16.0.19822.200382026-03-16
CVE-2026-26133 [HIGH] CWE-77 CVE-2026-26133: AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
nvd
CVE-2026-21511HIGHCVSS 7.5v20162026-02-10
CVE-2026-21511 [HIGH] CWE-502 CVE-2026-21511: Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to per
Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.
nvd
CVE-2026-20948HIGHCVSS 7.8v20162026-01-13
CVE-2026-20948 [HIGH] CWE-822 CVE-2026-20948: Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute co
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-62562HIGHCVSS 7.8v20162025-12-09
CVE-2025-62562 [HIGH] CWE-416 CVE-2025-62562: Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-62555HIGHCVSS 7.0v20162025-12-09
CVE-2025-62555 [HIGH] CWE-416 CVE-2025-62555: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-62558HIGHCVSS 7.8v20162025-12-09
CVE-2025-62558 [HIGH] CWE-416 CVE-2025-62558: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-62559HIGHCVSS 7.8v20162025-12-09
CVE-2025-62559 [HIGH] CWE-416 CVE-2025-62559: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-59222HIGHCVSS 7.8v20162025-10-14
CVE-2025-59222 [HIGH] CWE-416 CVE-2025-59222: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-59221HIGHCVSS 7.0v20162025-10-14
CVE-2025-59221 [HIGH] CWE-416 CVE-2025-59221: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-54905HIGHCVSS 7.1v20162025-09-09
CVE-2025-54905 [HIGH] CWE-822 CVE-2025-54905: Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose i
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
nvd
CVE-2025-53738HIGHCVSS 7.8v20162025-08-12
CVE-2025-53738 [HIGH] CWE-416 CVE-2025-53738: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-53733HIGHCVSS 8.4v20162025-08-12
CVE-2025-53733 [HIGH] CWE-681 CVE-2025-53733: Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-53736MEDIUMCVSS 6.2v20162025-08-12
CVE-2025-53736 [MEDIUM] CWE-126 CVE-2025-53736: Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information lo
Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
nvd
CVE-2025-49698HIGHCVSS 7.8v20162025-07-08
CVE-2025-49698 [HIGH] CWE-416 CVE-2025-49698: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-49703HIGHCVSS 7.8v20162025-07-08
CVE-2025-49703 [HIGH] CWE-416 CVE-2025-49703: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-49699HIGHCVSS 7.0v20162025-07-08
CVE-2025-49699 [HIGH] CWE-416 CVE-2025-49699: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-49700HIGHCVSS 7.8v20162025-07-08
CVE-2025-49700 [HIGH] CWE-416 CVE-2025-49700: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-47169HIGHCVSS 7.8v20162025-06-10
CVE-2025-47169 [HIGH] CWE-122 CVE-2025-47169: Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-47168HIGHCVSS 7.8v20162025-06-10
CVE-2025-47168 [HIGH] CWE-416 CVE-2025-47168: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-27747HIGHCVSS 7.8v20162025-04-08
CVE-2025-27747 [HIGH] CWE-822 CVE-2025-27747: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
nvd
1 / 13Next →