Information Disclosure Vulnerability in Microsoft Office
CVE-2026-55042

5.5MEDIUM

What is CVE-2026-55042?

A vulnerability in Microsoft Office arises from the use of uninitialized resources, enabling unauthorized attackers to potentially disclose sensitive information locally. This flaw can compromise the confidentiality of data within affected Office applications, leading to security risks for users and organizations alike. Users are strongly advised to apply the security updates provided by Microsoft to mitigate the associated risks.

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

Microsoft Office 2016 32-bit Systems 16.0.0 < 16.0.5561.1000

Microsoft Office 2019 32-bit Systems 19.0.0

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.