CVE-2026-45458
HighCVSS 8.4Exploitation Probability (EPSS)
Low risk35th percentile - higher than 35% of all known CVEs
Summary
A Use-After-Free vulnerability in Microsoft Office allows an unauthorized attacker to execute code locally. The issue stems from improper memory management when processing specially crafted files.
Risk Assessment
An attacker could take control of the victim's system, installing malware, modifying data, or disrupting operations. The risk is particularly high in corporate environments where Office is widely used.
Recommendation
Immediately apply the security update released by Microsoft for affected Office versions. Restrict opening files from unknown sources and enforce least-privilege policies.
Original NVD description (English source)
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

