Microsoft Microsoft Onenote
3 CVEs affecting Microsoft Microsoft Onenote. Latest disclosed: 2026-03-13. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-29822 | High | 7.8 | 2025-04-08 | Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally. |
CVE-2025-21402 | High | 7.8 | 2025-01-14 | Microsoft Office OneNote Remote Code Execution Vulnerability |
CVE-2026-26133 | High | 7.1 | 2026-03-13 | AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. |