CVE Catalog

CVE-2026-47293

HighCVSS 7.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

9th percentile - higher than 9% of all known CVEs

Summary

A use after free vulnerability in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.

Risk Assessment

This vulnerability could lead to unauthorized access to the system and data, posing a serious security threat to the organization.

Recommendation

It is recommended to update Microsoft Office Click-To-Run to the latest version to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS