Out-of-Bounds Read Vulnerability in Microsoft Office
CVE-2026-45460

4.7MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft 365 Apps For Enterprise; Microsoft Office 2019; Microsoft Office 365 For Mac; Microsoft Office For Android
Vendor: CVE Published:; 9 June 2026

What is CVE-2026-45460?

An out-of-bounds read vulnerability in Microsoft Office can allow unauthorized attackers to access sensitive data. This issue can be exploited by successfully sending a specially crafted input to the affected product, leading to the potential exposure of local data. Organizations using Microsoft Office should apply the latest security updates to mitigate this risk and ensure sensitive information remains protected. For further details, refer to the official information from Microsoft.

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

Microsoft Office 2019 32-bit Systems 19.0.0

Microsoft Office 365 for Mac 1.0.0 < 16.110.26061317

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisorypatch

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2026
Vulnerability Reserved
May 12, 2026

CVE-2026-45460 Data

JSON