<< Back
CVE Number Vulnerability Product Severity Date
CVE-2026-45460 Microsoft Office Information Disclosure Vulnerability Microsoft Office, Microsoft 365 Apps Critical 01-07-2026

Technical Information

An unauthenticated attacker can exploit by convincing a user to open a specially crafted Office file, triggering an out-of-bounds read that discloses small portions of process heap memory and potentially exposes sensitive information from the affected system.

Patch release date: Jun 09, 2026
Further information on this vulnerability is available at : CVE-2026-45460

Affected Software

Microsoft Office for Android,
Microsoft Office 365 for Mac,
Microsoft Office 2019 for 32-bit editions,
Microsoft Office 2019 for 64-bit editions,
Microsoft 365 Apps for Enterprise for 32-bit Systems,
Microsoft 365 Apps for Enterprise for 64-bit Systems,
Microsoft Office LTSC for Mac 2021,
Microsoft Office LTSC 2021 for 64-bit editions,
Microsoft Office LTSC 2021 for 32-bit editions,
Microsoft Office LTSC 2024 for 32-bit editions,
Microsoft Office LTSC 2024 for 64-bit editions,
Microsoft Office LTSC for Mac 2024