Information Disclosure Vulnerability in Microsoft Excel
CVE-2026-55898

6.1MEDIUM

What is CVE-2026-55898?

An out-of-bounds read vulnerability in Microsoft Office Excel allows unauthorized attackers to potentially expose sensitive information stored locally. When exploited, it can enable an attacker to read memory contents, leading to unintended information disclosure. Users are encouraged to apply the latest patches to mitigate the risks associated with this vulnerability.

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

Microsoft Excel 2016 32-bit Systems 16.0.0.0 < 16.0.5561.1001

Microsoft Office 2019 32-bit Systems 19.0.0

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.