Microsoft Word vulnerabilities

CVE-2025-29816 [HIGH] CWE-349 CVE-2025-29816: Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a secur Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.

CVE-2025-24078 [HIGH] CWE-416 CVE-2025-24078: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2025-24079 [HIGH] CWE-416 CVE-2025-24079: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2024-41165 [CRITICAL] CWE-347 CVE-2024-41165: A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted libr A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.

CVE-2024-49065 [MEDIUM] CWE-125 CVE-2024-49065: Microsoft Office Remote Code Execution Vulnerability Microsoft Office Remote Code Execution Vulnerability

CVE-2024-49033 [HIGH] CWE-20 CVE-2024-49033: Microsoft Word Security Feature Bypass Vulnerability Microsoft Word Security Feature Bypass Vulnerability

CVE-2024-21379 [HIGH] CWE-190 CVE-2024-21379: Microsoft Word Remote Code Execution Vulnerability Microsoft Word Remote Code Execution Vulnerability

CVE-2024-20673 [HIGH] CWE-693 CVE-2024-20673: Microsoft Office Remote Code Execution Vulnerability Microsoft Office Remote Code Execution Vulnerability

CVE-2023-36762 [HIGH] CWE-20 CVE-2023-36762: Microsoft Word Remote Code Execution Vulnerability Microsoft Word Remote Code Execution Vulnerability

CVE-2023-36761 [MEDIUM] CWE-20 CVE-2023-36761: Microsoft Word Information Disclosure Vulnerability Microsoft Word Information Disclosure Vulnerability

CVE-2023-33150 [CRITICAL] CWE-693 CVE-2023-33150: Microsoft Office Security Feature Bypass Vulnerability Microsoft Office Security Feature Bypass Vulnerability

CVE-2023-29335 [HIGH] CWE-20 CVE-2023-29335: Microsoft Word Security Feature Bypass Vulnerability Microsoft Word Security Feature Bypass Vulnerability

CVE-2023-21716 [CRITICAL] CWE-190 CVE-2023-21716: Microsoft Word Remote Code Execution Vulnerability Microsoft Word Remote Code Execution Vulnerability

CVE-2022-41061 [HIGH] CWE-94 CVE-2022-41061: Microsoft Word Remote Code Execution Vulnerability Microsoft Word Remote Code Execution Vulnerability

CVE-2022-41060 [MEDIUM] CVE-2022-41060: Microsoft Word Information Disclosure Vulnerability Microsoft Word Information Disclosure Vulnerability

CVE-2022-41103 [MEDIUM] CVE-2022-41103: Microsoft Word Information Disclosure Vulnerability Microsoft Word Information Disclosure Vulnerability

CVE-2022-29107 [MEDIUM] CVE-2022-29107: Microsoft Office Security Feature Bypass Vulnerability Microsoft Office Security Feature Bypass Vulnerability

CVE-2022-21842 [HIGH] CVE-2022-21842: Microsoft Word Remote Code Execution Vulnerability Microsoft Word Remote Code Execution Vulnerability

CVE-2021-40486 [HIGH] CVE-2021-40486: Microsoft Word Remote Code Execution Vulnerability Microsoft Word Remote Code Execution Vulnerability

CVE-2021-34452 [HIGH] CVE-2021-34452: Microsoft Word Remote Code Execution Vulnerability Microsoft Word Remote Code Execution Vulnerability