CVE Catalog

CVE-2026-47635

HighCVSS 8.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.33%

25th percentile - higher than 25% of all known CVEs

Summary

A heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Risk Assessment

An attacker could exploit this vulnerability to gain control of the system, leading to data theft or malware installation.

Recommendation

It is recommended to immediately apply the security update provided by Microsoft for the affected Office version.

Original NVD description (English source)

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS