CVE Catalog

CVE-2026-45474

HighCVSS 8.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.36%

28th percentile - higher than 28% of all known CVEs

Summary

A Use-After-Free vulnerability in Microsoft Office allows an unauthorized attacker to execute code locally. The issue stems from improper memory management when processing specially crafted files.

Risk Assessment

An attacker could gain full control of the victim's system, installing malware, modifying data, or escalating privileges.

Recommendation

Apply the security update provided by Microsoft in the monthly patch release immediately. Restrict opening files from untrusted sources.

Original NVD description (English source)

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS