CVE Catalog

CVE-2026-45458

HighCVSS 8.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.44%

35th percentile - higher than 35% of all known CVEs

Summary

A Use-After-Free vulnerability in Microsoft Office allows an unauthorized attacker to execute code locally. The issue stems from improper memory management when processing specially crafted files.

Risk Assessment

An attacker could take control of the victim's system, installing malware, modifying data, or disrupting operations. The risk is particularly high in corporate environments where Office is widely used.

Recommendation

Immediately apply the security update released by Microsoft for affected Office versions. Restrict opening files from unknown sources and enforce least-privilege policies.

Original NVD description (English source)

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS