CVE Catalog
CVE-2026-45460
MediumCVSS 4.7Exploitation Probability (EPSS)
Low risk0.36%
28th percentile - higher than 28% of all known CVEs
Summary
A buffer over-read vulnerability in Microsoft Office allows an unauthorized attacker to disclose information locally. The issue occurs when reading data beyond the allowed memory region.
Risk Assessment
An attacker with local access to the system may read sensitive data stored in the Office process memory, leading to information disclosure.
Recommendation
Apply the security update released by Microsoft for Office immediately. Also restrict local access to systems running the vulnerable component.
Original NVD description (English source)
Buffer over-read in Microsoft Office allows an unauthorized attacker to disclose information locally.

