CVE Catalog

CVE-2026-44817

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.37%

29th percentile - higher than 29% of all known CVEs

Summary

A type confusion vulnerability in Microsoft Office Excel allows an unauthorized attacker to execute code locally. The flaw arises from accessing a resource using an incompatible data type.

Risk Assessment

An attacker could take control of the victim's system by executing malicious code in the context of the user opening a crafted Excel file.

Recommendation

It is recommended to immediately install the security update published by Microsoft for Microsoft Office Excel.

Original NVD description (English source)

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS