Information Disclosure in Microsoft Office Excel by Microsoft
CVE-2026-55122

7.1HIGH

What is CVE-2026-55122?

An information disclosure vulnerability exists in Microsoft Office Excel that allows unauthorized attackers to exploit out-of-bounds read conditions. This flaw could enable attackers to access sensitive information locally, posing a severe risk to data confidentiality and integrity. It is essential for users to apply the latest patches and updates to mitigate the effects of this vulnerability.

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

Microsoft Excel 2016 32-bit Systems 16.0.0.0 < 16.0.5561.1001

Microsoft Office 2019 32-bit Systems 19.0.0

References

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.