<< Back
CVE Number Vulnerability Product Severity Date
CVE-2025-59236 Microsoft Excel Remote Code Execution Vulnerability Microsoft Office, Microsoft 365 App Critical 14-11-2025

Technical Information

An unauthorized local attacker could exploit a use-after-free vulnerability in Microsoft Office Excel to execute arbitrary code on the system.

Patch release date: Oct 14, 2025
Further information on this vulnerability is available at : CVE-2025-59236

Affected Software

Office Online Server,
Microsoft Office 2019 for 32-bit editions,
Microsoft Office 2019 for 64-bit editions,
Microsoft 365 Apps for Enterprise for 32-bit Systems,
Microsoft 365 Apps for Enterprise for 64-bit Systems,
Microsoft Office LTSC for Mac 2021,
Microsoft Office LTSC 2021 for 64-bit editions,
Microsoft Office LTSC 2021 for 32-bit editions,
Microsoft Office LTSC 2024 for 32-bit editions,
Microsoft Office LTSC 2024 for 64-bit editions,
Microsoft Office LTSC for Mac 2024