Microsoft Microsoft Word 2016
56 CVEs affecting Microsoft Microsoft Word 2016. Latest disclosed: 2026-05-12. Critical: 2, High: 41.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-21716 | Critical | 9.8 | 2023-02-14 | Microsoft Word Remote Code Execution Vulnerability |
CVE-2023-33150 | Critical | 9.6 | 2023-07-11 | Microsoft Office Security Feature Bypass Vulnerability |
CVE-2020-1583 | High | 8.8 | 2020-08-17 | An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability… |
CVE-2026-40367 | High | 8.4 | 2026-05-12 | Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2026-40366 | High | 8.4 | 2026-05-12 | Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2026-40364 | High | 8.4 | 2026-05-12 | Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2026-40361 | High | 8.4 | 2026-05-12 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-53733 | High | 8.4 | 2025-08-12 | Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2026-20948 | High | 7.8 | 2026-01-13 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-62559 | High | 7.8 | 2025-12-09 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-62558 | High | 7.8 | 2025-12-09 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-62562 | High | 7.8 | 2025-12-09 | Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. |
CVE-2025-59222 | High | 7.8 | 2025-10-14 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-53738 | High | 7.8 | 2025-08-12 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-49703 | High | 7.8 | 2025-07-08 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-49700 | High | 7.8 | 2025-07-08 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-49698 | High | 7.8 | 2025-07-08 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-47169 | High | 7.8 | 2025-06-10 | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-47168 | High | 7.8 | 2025-06-10 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-27747 | High | 7.8 | 2025-04-08 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |