CVE Catalog

CVE-2026-45486

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.37%

29th percentile - higher than 29% of all known CVEs

Summary

A Use-After-Free vulnerability in Microsoft Office Word allows an unauthorized attacker to execute code locally. The issue stems from improper memory management when processing specially crafted documents.

Risk Assessment

An attacker can exploit this vulnerability to run malicious code in the user's context, potentially leading to system compromise, data theft, or malware installation.

Recommendation

Apply the security update provided by Microsoft for Microsoft Office Word immediately. Consider implementing policies to restrict opening documents from untrusted sources.

Original NVD description (English source)

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS