CVSS: 7.1EPSS: 0%CPEs: 20EXPL: 0CVE-2026-26133 – M365 Copilot Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2026-26133
13 Mar 2026 — AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2026-26109 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2026-26109
10 Mar 2026 — Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26109 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2026-26108 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2026-26108
10 Mar 2026 — Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26108 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2026-26107 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2026-26107
10 Mar 2026 — Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26107 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2026-26112 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2026-26112
10 Mar 2026 — Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26112 • CWE-822: Untrusted Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2026-21261 – Microsoft Excel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2026-21261
10 Feb 2026 — Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21261 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2026-21258 – Microsoft Excel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2026-21258
10 Feb 2026 — Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21258 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-21259 – Microsoft Excel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2026-21259
10 Feb 2026 — Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21259 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2026-20957 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2026-20957
13 Jan 2026 — Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20957 • CWE-122: Heap-based Buffer Overflow CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2026-20950 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2026-20950
13 Jan 2026 — Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20950 • CWE-416: Use After Free •