Microsoft Excel
157 CVEs affecting Microsoft Excel. Latest disclosed: 2026-05-12. Critical: 0, High: 51.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-41106 | High | 8.8 | 2022-11-09 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2022-21840 | High | 8.8 | 2022-01-11 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2017-8510 | High | 8.8 | 2017-06-15 | A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Executio… |
CVE-2026-40362 | High | 7.8 | 2026-05-12 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2026-40360 | High | 7.8 | 2026-05-12 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. |
CVE-2026-40359 | High | 7.8 | 2026-05-12 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2026-32199 | High | 7.8 | 2026-04-14 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2026-32198 | High | 7.8 | 2026-04-14 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2026-32197 | High | 7.8 | 2026-04-14 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2026-32189 | High | 7.8 | 2026-04-14 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
CVE-2025-62199 | High | 7.8 | 2025-11-11 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2024-20673 | High | 7.8 | 2024-02-13 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2022-41063 | High | 7.8 | 2022-11-09 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2022-26901 | High | 7.8 | 2022-04-15 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2021-43256 | High | 7.8 | 2021-12-15 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2017-11884 | High | 7.8 | 2017-11-15 | Microsoft Excel 2016 Click-to-Run (C2R) allows an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in me… |
CVE-2017-11878 | High | 7.8 | 2017-11-15 | Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsof… |
CVE-2017-8632 | High | 7.8 | 2017-09-13 | A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack… |
CVE-2017-8631 | High | 7.8 | 2017-09-13 | A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013… |
CVE-2017-8502 | High | 7.8 | 2017-07-11 | Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnera… |