<< Back
CVE Number Vulnerability Product Severity Date
CVE-2026-47635 Microsoft Outlook and Word Remote Code Execution Vulnerability Microsoft Office Critical 01-07-2026

Technical Information

An unauthenticated attacker can exploit this by causing specially crafted malicious document, triggering a heap-based buffer overflow through a type confusion condition and achieving arbitrary code execution on the affected machine.

Patch release date: Jun 09, 2026
Further information on this vulnerability is available at : CVE-2026-47635

Affected Software

Microsoft Office LTSC 2024 for 32-bit editions,
Microsoft Office LTSC 2024 for 64-bit editions