Microsoft Office_long_term_servicing_channel
99 CVEs affecting Microsoft Office_long_term_servicing_channel. Latest disclosed: 2026-05-12. Critical: 2, High: 78.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-60724 | Critical | 9.8 | 2025-11-11 | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. |
CVE-2023-33150 | Critical | 9.6 | 2023-07-11 | Microsoft Office Security Feature Bypass Vulnerability |
CVE-2026-40420 | High | 8.8 | 2026-05-12 | Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. |
CVE-2026-35436 | High | 8.8 | 2026-05-12 | Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. |
CVE-2024-30103 | High | 8.8 | 2024-06-11 | Microsoft Outlook Remote Code Execution Vulnerability |
CVE-2022-41106 | High | 8.8 | 2022-11-09 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2022-21840 | High | 8.8 | 2022-01-11 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2026-40367 | High | 8.4 | 2026-05-12 | Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2026-40366 | High | 8.4 | 2026-05-12 | Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2026-40364 | High | 8.4 | 2026-05-12 | Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2026-40363 | High | 8.4 | 2026-05-12 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2026-40361 | High | 8.4 | 2026-05-12 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2026-40358 | High | 8.4 | 2026-05-12 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2026-33115 | High | 8.4 | 2026-04-14 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2026-33114 | High | 8.4 | 2026-04-14 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2026-32190 | High | 8.4 | 2026-04-14 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2026-26110 | High | 8.4 | 2026-03-10 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-62557 | High | 8.4 | 2025-12-09 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-62554 | High | 8.4 | 2025-12-09 | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-49697 | High | 8.4 | 2025-07-08 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |