216.73.217.172

CVE-2026-45471

· Published 09/06/2026 17:17 · Modified 09/06/2026 19:32

Labels: CVE-2026-45471 2026-06-09CVE-2026-45471CWE-822[email protected]

Essential information

Published
09/06/2026 17:17
Modified
09/06/2026 19:32
Author
Creator
CVSS
7.8 HIGH (v3.1)
CISA KEV
No
CWE
CWE-822
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS metrics

Description

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
nist-nvd-api
NVD
View on NVD

Affected products (CPE)

ProductCPE
microsoft / 365 apps cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*
microsoft / 365 apps cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*
microsoft / microsoft 365 cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*
microsoft / office 2019 cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*
microsoft / office 2019 cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*
microsoft / office 2021 cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*
microsoft / office 2021 cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*
microsoft / office 2021 cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*
microsoft / office 2024 cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*
microsoft / office 2024 cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*
microsoft / office 2024 cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*
microsoft / sharepoint server cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*
microsoft / sharepoint server cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*
microsoft / sharepoint server cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*
microsoft / word cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:x64:*
microsoft / word cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:x86:*

References