CVE-2026-45461
HighCVSS 8.4Exploitation Probability (EPSS)
Low risk28th percentile - higher than 28% of all known CVEs
Summary
A Use-After-Free vulnerability in Microsoft Office allows an unauthorized attacker to execute code locally. The issue stems from improper memory management when processing specially crafted files.
Risk Assessment
An attacker could take control of the victim's system, installing malware, modifying data, or disrupting operations. The risk is particularly high in corporate environments where Office is widely used.
Recommendation
Apply the security update provided by Microsoft in the monthly bulletin immediately. Restrict opening files from unknown sources and implement policies to block macros and scripts.
Original NVD description (English source)
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

