CVE Daily – Microsoft Office

[High] CVE-2026-47294 – Deserialization of untrusted data in Microsoft Office SharePoint allows an autho...

Mon, 01 Jun 2026 19:16:53 +0000

High CVE-2026-47294

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS: 8.0 · CWE: CWE-78

View on NVD

[Medium] CVE-2026-45551 – Group-Office is an enterprise customer relationship management and groupware too...

Fri, 29 May 2026 13:16:22 +0000

Medium CVE-2026-45551

Group-Office is an enterprise customer relationship management and groupware tool. Prior to 26.0.25, 25.0.100, and 6.8.165, GroupOffice allows authenticated users to persist arbitrary legacy settings for any user_id via index.php?r=core/saveSetting. A separate client-side sink in the email module injects the email_font_size setting directly into JavaScript without escaping. By combining these two…

CVSS: 5.1 · CWE: CWE-79

View on NVD

[High] CVE-2026-45659 – Deserialization of untrusted data in Microsoft Office SharePoint allows an autho...

Fri, 22 May 2026 23:16:56 +0000

High CVE-2026-45659

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS: 8.8 · CWE: CWE-502

View on NVD

[Medium] CVE-2026-26028 – CryptPad is an end-to-end encrypted collaborative office suite. In versions prio...

Wed, 20 May 2026 20:16:36 +0000

Medium CVE-2026-26028

CryptPad is an end-to-end encrypted collaborative office suite. In versions prior to 2026.2.0, the HTML sanitizer in Diffmarked.js can be bypassed due to incomplete attribute filtering on restricted tags. The sanitizer validates only the src attribute of , , and elements, leaving all other attributes unchecked. As a result, an attacker can inject arbitrary HTML through srcd…

CVSS: 6.1 · CWE: CWE-79

View on NVD

[Critical] CVE-2026-44212 – PrestaShop is an open source e-commerce web application. Prior to 8.2.6 and 9.1...

Thu, 14 May 2026 21:16:46 +0000

Critical CVE-2026-44212

PrestaShop is an open source e-commerce web application. Prior to 8.2.6 and 9.1.1, there is a stored Cross-Site Scripting (XSS) vulnerability in the PrestaShop back-office Customer Service view. An unauthenticated attacker can submit the public Contact Us form with a malicious email address. The payload is stored in the database and executed when a back-office employee opens the affected customer…

CVSS: 9.3 · CWE: CWE-79

View on NVD

[High] CVE-2026-42832 – Improper access control in Microsoft Office allows an unauthorized attacker to p...

Tue, 12 May 2026 18:17:25 +0000

High CVE-2026-42832

Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.

CVSS: 7.7 · CWE: CWE-284

View on NVD

[High] CVE-2026-42831 – Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker t...

Tue, 12 May 2026 18:17:25 +0000

High CVE-2026-42831

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-122

View on NVD

[High] CVE-2026-41102 – Improper access control in Microsoft Office PowerPoint allows an authorized atta...

Tue, 12 May 2026 18:17:21 +0000

High CVE-2026-41102

Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally.

CVSS: 7.1 · CWE: CWE-284

View on NVD

[High] CVE-2026-41101 – Improper access control in Microsoft Office Word allows an authorized attacker t...

Tue, 12 May 2026 18:17:21 +0000

High CVE-2026-41101

Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally.

CVSS: 7.1 · CWE: CWE-284

View on NVD

[Medium] CVE-2026-40421 – Files or directories accessible to external parties in Microsoft Office Word all...

Tue, 12 May 2026 18:17:20 +0000

Medium CVE-2026-40421

Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

CVSS: 4.3 · CWE: CWE-73

View on NVD

[High] CVE-2026-40420 – Use after free in Microsoft Office allows an authorized attacker to elevate priv...

Tue, 12 May 2026 18:17:20 +0000

High CVE-2026-40420

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

CVSS: 8.8 · CWE: CWE-284

View on NVD

[High] CVE-2026-40419 – Use after free in Microsoft Office allows an authorized attacker to elevate priv...

Tue, 12 May 2026 18:17:20 +0000

High CVE-2026-40419

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

CVSS: 7.8 · CWE: CWE-416

View on NVD

[High] CVE-2026-40418 – Use after free in Microsoft Office allows an authorized attacker to elevate priv...

Tue, 12 May 2026 18:17:19 +0000

High CVE-2026-40418

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

CVSS: 7.8 · CWE: CWE-416

View on NVD

[High] CVE-2026-40368 – Deserialization of untrusted data in Microsoft Office SharePoint allows an autho...

Tue, 12 May 2026 18:17:15 +0000

High CVE-2026-40368

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS: 8.0 · CWE: CWE-502

View on NVD

[High] CVE-2026-40367 – Access of resource using incompatible type ('type confusion') in Microsoft Offic...

Tue, 12 May 2026 18:17:15 +0000

High CVE-2026-40367

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-822

View on NVD

[High] CVE-2026-40366 – Access of resource using incompatible type ('type confusion') in Microsoft Offic...

Tue, 12 May 2026 18:17:15 +0000

High CVE-2026-40366

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-416

View on NVD

[High] CVE-2026-40365 – Deserialization of untrusted data in Microsoft Office SharePoint allows an autho...

Tue, 12 May 2026 18:17:15 +0000

High CVE-2026-40365

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS: 8.8 · CWE: CWE-1220

View on NVD

[High] CVE-2026-40364 – Access of resource using incompatible type ('type confusion') in Microsoft Offic...

Tue, 12 May 2026 18:17:15 +0000

High CVE-2026-40364

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-122

View on NVD

[High] CVE-2026-40363 – Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker t...

Tue, 12 May 2026 18:17:15 +0000

High CVE-2026-40363

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-122

View on NVD

[High] CVE-2026-40362 – Use after free in Microsoft Office Excel allows an unauthorized attacker to exec...

Tue, 12 May 2026 18:17:15 +0000

High CVE-2026-40362

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-122

View on NVD

[High] CVE-2026-40361 – Use after free in Microsoft Office allows an unauthorized attacker to execute co...

Tue, 12 May 2026 18:17:14 +0000

High CVE-2026-40361

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-416

View on NVD

[High] CVE-2026-40360 – Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to ...

Tue, 12 May 2026 18:17:14 +0000

High CVE-2026-40360

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVSS: 7.8 · CWE: CWE-125

View on NVD

[High] CVE-2026-40359 – Use after free in Microsoft Office Excel allows an unauthorized attacker to exec...

Tue, 12 May 2026 18:17:14 +0000

High CVE-2026-40359

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-416

View on NVD

[High] CVE-2026-40358 – Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker t...

Tue, 12 May 2026 18:17:14 +0000

High CVE-2026-40358

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-416

View on NVD

[High] CVE-2026-40357 – Deserialization of untrusted data in Microsoft Office SharePoint allows an autho...

Tue, 12 May 2026 18:17:14 +0000

High CVE-2026-40357

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS: 8.8 · CWE: CWE-502

View on NVD

[Medium] CVE-2026-35440 – Files or directories accessible to external parties in Microsoft Office Word all...

Tue, 12 May 2026 18:17:14 +0000

Medium CVE-2026-35440

Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

CVSS: 5.5 · CWE: CWE-552

View on NVD

[High] CVE-2026-35439 – Deserialization of untrusted data in Microsoft Office SharePoint allows an autho...

Tue, 12 May 2026 18:17:14 +0000

High CVE-2026-35439

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS: 8.8 · CWE: CWE-502

View on NVD

[High] CVE-2026-35436 – Use after free in Microsoft Office allows an authorized attacker to elevate priv...

Tue, 12 May 2026 18:17:13 +0000

High CVE-2026-35436

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

CVSS: 8.8 · CWE: CWE-1220

View on NVD

[High] CVE-2026-33112 – Deserialization of untrusted data in Microsoft Office SharePoint allows an autho...

Tue, 12 May 2026 18:17:03 +0000

High CVE-2026-33112

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS: 8.8 · CWE: CWE-502

View on NVD

[High] CVE-2026-33110 – Deserialization of untrusted data in Microsoft Office SharePoint allows an autho...

Tue, 12 May 2026 18:17:03 +0000

High CVE-2026-33110

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS: 8.8 · CWE: CWE-502

View on NVD

[Critical] CVE-2022-50993 – Weaver (Fanwei) E-office versions prior to 10.0_20221201 contain an unauthentica...

Thu, 30 Apr 2026 17:16:24 +0000

Critical CVE-2022-50993

Weaver (Fanwei) E-office versions prior to 10.0_20221201 contain an unauthenticated arbitrary file upload vulnerability in the OfficeServer.php endpoint that allows remote attackers to upload malicious files by sending multipart POST requests with arbitrary filenames and disguised content types. Attackers can upload PHP webshells to the Document directory and execute them via HTTP GET requests to…

CVSS: 9.8 · CWE: CWE-434

View on NVD

[Medium] CVE-2026-7217 – A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. T...

Tue, 28 Apr 2026 03:16:04 +0000

Medium CVE-2026-7217

A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function read_docx/read_xlsx/read_pptx/list_xlsx_sheets/read_pdf of the file packages/mcp-office/src/index.ts of the component Document File Handler. Such manipulation of the argument path leads to absolute path traversal. The attack can be executed remotely. The exploit has been disclosed p…

CVSS: 5.3 · CWE: CWE-22

View on NVD

[Medium] CVE-2026-1789 – A vulnerability in the browser-based remote management interface may allow an ad...

Fri, 24 Apr 2026 00:16:26 +0000

Medium CVE-2026-1789

A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting certain production printers and office/small office multifunction printers.

CVSS: 4.9 · CWE: CWE-807

View on NVD

[High] CVE-2026-5756 – Unauthenticated Configuration File Modification Vulnerability in DRC Central Off...

Tue, 14 Apr 2026 18:17:39 +0000

High CVE-2026-5756

Unauthenticated Configuration File Modification Vulnerability in DRC Central Office Services (COS) allows an attacker to modify the server's configuration file, potentially leading to mass data exfiltration, malicious traffic interception, or disruption of testing services.

CVSS: 7.5 · CWE: N/A

View on NVD

[Medium] CVE-2026-33822 – Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to d...

Tue, 14 Apr 2026 18:17:34 +0000

Medium CVE-2026-33822

Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

CVSS: 6.1 · CWE: CWE-125

View on NVD

[High] CVE-2026-33115 – Use after free in Microsoft Office Word allows an unauthorized attacker to execu...

Tue, 14 Apr 2026 18:17:33 +0000

High CVE-2026-33115

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-416

View on NVD

[High] CVE-2026-33114 – Untrusted pointer dereference in Microsoft Office Word allows an unauthorized at...

Tue, 14 Apr 2026 18:17:33 +0000

High CVE-2026-33114

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-822

View on NVD

[High] CVE-2026-33095 – Use after free in Microsoft Office Word allows an unauthorized attacker to execu...

Tue, 14 Apr 2026 18:17:31 +0000

High CVE-2026-33095

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-416

View on NVD

[Medium] CVE-2026-32201 – Improper input validation in Microsoft Office SharePoint allows an unauthorized ...

Tue, 14 Apr 2026 18:17:27 +0000

Medium CVE-2026-32201

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

CVSS: 6.5 · CWE: CWE-20

View on NVD

[High] CVE-2026-32200 – Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to...

Tue, 14 Apr 2026 18:17:26 +0000

High CVE-2026-32200

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-416

View on NVD

[High] CVE-2026-32199 – Use after free in Microsoft Office Excel allows an unauthorized attacker to exec...

Tue, 14 Apr 2026 18:17:26 +0000

High CVE-2026-32199

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-416

View on NVD

[High] CVE-2026-32198 – Use after free in Microsoft Office Excel allows an unauthorized attacker to exec...

Tue, 14 Apr 2026 18:17:26 +0000

High CVE-2026-32198

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-416

View on NVD

[High] CVE-2026-32197 – Use after free in Microsoft Office Excel allows an unauthorized attacker to exec...

Tue, 14 Apr 2026 18:17:26 +0000

High CVE-2026-32197

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-416

View on NVD

[High] CVE-2026-32190 – Use after free in Microsoft Office allows an unauthorized attacker to execute co...

Tue, 14 Apr 2026 18:17:25 +0000

High CVE-2026-32190

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-416

View on NVD

[High] CVE-2026-32189 – Use after free in Microsoft Office Excel allows an unauthorized attacker to exec...

Tue, 14 Apr 2026 18:17:24 +0000

High CVE-2026-32189

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-416

View on NVD

[High] CVE-2026-32188 – Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to ...

Tue, 14 Apr 2026 18:17:23 +0000

High CVE-2026-32188

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVSS: 7.1 · CWE: CWE-125

View on NVD

[High] CVE-2026-23657 – Use after free in Microsoft Office Word allows an unauthorized attacker to execu...

Tue, 14 Apr 2026 18:16:44 +0000

High CVE-2026-23657

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-416

View on NVD

[Medium] CVE-2026-20945 – Improper neutralization of input during web page generation ('cross-site scripti...

Tue, 14 Apr 2026 18:16:43 +0000

Medium CVE-2026-20945

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVSS: 4.6 · CWE: CWE-79

View on NVD

[Critical] CVE-2026-34838 – Group-Office is an enterprise customer relationship management and groupware too...

Thu, 02 Apr 2026 20:16:28 +0000

Critical CVE-2026-34838

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.156, 25.0.90, and 26.0.12, a vulnerability in the AbstractSettingsCollection model leads to insecure deserialization when these settings are loaded. By injecting a serialized FileCookieJar object into a setting string, an authenticated attacker can achieve Arbitrary File Write, leading directl…

CVSS: 9.9 · CWE: CWE-502

View on NVD

[High] CVE-2026-33755 – Group-Office is an enterprise customer relationship management and groupware too...

Fri, 27 Mar 2026 15:16:57 +0000

High CVE-2026-33755

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.158, 25.0.92, and 26.0.17, an authenticated SQL Injection vulnerability in the JMAP `Contact/query` endpoint allows any authenticated user with basic addressbook access to extract arbitrary data from the database — including active session tokens of other users. This enables full account takeo…

CVSS: 8.8 · CWE: CWE-89

View on NVD

[High] CVE-2026-33673 – PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5...

Thu, 26 Mar 2026 22:16:30 +0000

High CVE-2026-33673

PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Site Scripting (stored XSS) vulnerabilities in the BO. An attacker who can inject data into the database, via limited back-office access or a previously existing vulnerability, can exploit unprotected variables in back-office templates. Versions 8.2.5 and 9.1.0 contain a fix.…

CVSS: 7.6 · CWE: CWE-79

View on NVD

[Medium] CVE-2026-2559 – The Post SMTP plugin for WordPress is vulnerable to unauthorized modification of...

Wed, 18 Mar 2026 16:16:27 +0000

Medium CVE-2026-2559

The Post SMTP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `handle_office365_oauth_redirect()` function in all versions up to, and including, 3.8.0. This is due to the function being hooked to `admin_init` without any `current_user_can()` check or nonce verification. This makes it possible for authenticated attackers, with Subscr…

CVSS: 5.3 · CWE: CWE-862

View on NVD

[High] CVE-2026-26144 – Improper neutralization of input during web page generation ('cross-site scripti...

Tue, 10 Mar 2026 18:18:43 +0000

High CVE-2026-26144

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

CVSS: 7.5 · CWE: CWE-79

View on NVD

[High] CVE-2026-26134 – Integer overflow or wraparound in Microsoft Office allows an authorized attacker...

Tue, 10 Mar 2026 18:18:42 +0000

High CVE-2026-26134

Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.

CVSS: 7.8 · CWE: CWE-190

View on NVD

[High] CVE-2026-26114 – Deserialization of untrusted data in Microsoft Office SharePoint allows an autho...

Tue, 10 Mar 2026 18:18:40 +0000

High CVE-2026-26114

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS: 8.8 · CWE: CWE-502

View on NVD

[High] CVE-2026-26113 – Untrusted pointer dereference in Microsoft Office allows an unauthorized attacke...

Tue, 10 Mar 2026 18:18:40 +0000

High CVE-2026-26113

Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-822

View on NVD

[High] CVE-2026-26112 – Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized a...

Tue, 10 Mar 2026 18:18:39 +0000

High CVE-2026-26112

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-822

View on NVD

[High] CVE-2026-26110 – Access of resource using incompatible type ('type confusion') in Microsoft Offic...

Tue, 10 Mar 2026 18:18:39 +0000

High CVE-2026-26110

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-843

View on NVD

[High] CVE-2026-26109 – Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to ...

Tue, 10 Mar 2026 18:18:39 +0000

High CVE-2026-26109

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-125

View on NVD

[High] CVE-2026-26108 – Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized atta...

Tue, 10 Mar 2026 18:18:39 +0000

High CVE-2026-26108

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-122

View on NVD

[High] CVE-2026-26107 – Use after free in Microsoft Office Excel allows an unauthorized attacker to exec...

Tue, 10 Mar 2026 18:18:38 +0000

High CVE-2026-26107

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-416

View on NVD

[High] CVE-2026-26106 – Improper input validation in Microsoft Office SharePoint allows an authorized at...

Tue, 10 Mar 2026 18:18:38 +0000

High CVE-2026-26106

Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS: 8.8 · CWE: CWE-20

View on NVD

[High] CVE-2026-26105 – Improper neutralization of input during web page generation ('cross-site scripti...

Tue, 10 Mar 2026 18:18:38 +0000

High CVE-2026-26105

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

CVSS: 8.1 · CWE: CWE-79

View on NVD

[Low] CVE-2026-3665 – A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected ...

Sat, 07 Mar 2026 16:15:56 +0000

Low CVE-2026-3665

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsx_consumer::read_office_document of the file source/detail/serialization/xlsx_consumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. The attack must be carried out locally. The exploit is publicly available and might be used.

CVSS: 3.3 · CWE: CWE-404

View on NVD

[Medium] CVE-2026-30238 – Group-Office is an enterprise customer relationship management and groupware too...

Fri, 06 Mar 2026 22:16:01 +0000

Medium CVE-2026-30238

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.155, 25.0.88, and 26.0.10, there is a reflected XSS vulnerability in GroupOffice on the external/index flow. The f parameter (Base64 JSON) is decoded and then injected into an inline JavaScript block without strict escaping, allowing injection and arbitrary JavaSc…

CVSS: 6.1 · CWE: CWE-79

View on NVD

[Medium] CVE-2026-30237 – Group-Office is an enterprise customer relationship management and groupware too...

Fri, 06 Mar 2026 22:16:01 +0000

Medium CVE-2026-30237

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.155, 25.0.88, and 26.0.10, there is a reflected XSS vulnerability in the GroupOffice installer, endpoint install/license.php. The POST field license is rendered without escaping inside a , allowing a breakout.. This issue has been patched in versions 6…

CVSS: 6.1 · CWE: CWE-79

View on NVD

[High] CVE-2026-28046 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ...

Thu, 05 Mar 2026 06:16:37 +0000

High CVE-2026-28046

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Law Office law-office allows PHP Local File Inclusion.This issue affects Law Office: from n/a through <= 3.3.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

[Critical] CVE-2026-3422 – U-Office Force developed by e-Excellence has a Insecure Deserialization vulnerab...

Mon, 02 Mar 2026 07:16:23 +0000

Critical CVE-2026-3422

U-Office Force developed by e-Excellence has a Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized content.

CVSS: 9.8 · CWE: CWE-502

View on NVD

[High] CVE-2026-27947 – Group-Office is an enterprise customer relationship management and groupware too...

Fri, 27 Feb 2026 20:21:40 +0000

High CVE-2026-27947

Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.9, 25.0.87, and 6.8.154 have an authenticated Remote Code Execution vulnerability in the TNEF attachment processing flow. The vulnerable path extracts attacker-controlled files from `winmail.dat` and then invokes `zip` with a shell wildcard (`*`). Because extracted filenames are attacker-cont…

CVSS: 8.8 · CWE: CWE-88

View on NVD

[High] CVE-2026-27832 – Group-Office is an enterprise customer relationship management and groupware too...

Fri, 27 Feb 2026 20:21:40 +0000

High CVE-2026-27832

Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection (SQLi) vulnerability, exploitable through the `advancedQueryData` parameter (`comparator` field) on an authenticated endpoint. The endpoint `index.php?r=email/template/emailSelection` processes `advancedQueryData` and forwards the SQL comparator wi…

CVSS: 8.8 · CWE: CWE-89

View on NVD

[Medium] CVE-2026-26223 – SPIP before 4.4.8 allows cross-site scripting (XSS) in the private area via mali...

Thu, 19 Feb 2026 16:27:15 +0000

Medium CVE-2026-26223

SPIP before 4.4.8 allows cross-site scripting (XSS) in the private area via malicious iframe tags. The application does not properly sandbox or escape iframe content in the back-office, allowing an attacker to inject and execute malicious scripts. The fix adds a sandbox attribute to iframe tags in the private area. This vulnerability is not mitigated by the SPIP security screen.

CVSS: 6.1 · CWE: CWE-79

View on NVD

[High] CVE-2020-37203 – Office Product Key Finder 1.5.4 contains a denial of service vulnerability that ...

Wed, 11 Feb 2026 21:16:15 +0000

High CVE-2020-37203

Office Product Key Finder 1.5.4 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the registration code input. Attackers can create a specially crafted text file and paste it into the 'Name and Key' field to trigger an application crash.

CVSS: 7.5 · CWE: CWE-120

View on NVD

[High] CVE-2026-21514 – Reliance on untrusted inputs in a security decision in Microsoft Office Word all...

Tue, 10 Feb 2026 18:16:33 +0000

High CVE-2026-21514

Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.

CVSS: 7.8 · CWE: CWE-807

View on NVD

[High] CVE-2026-21511 – Deserialization of untrusted data in Microsoft Office Outlook allows an unauthor...

Tue, 10 Feb 2026 18:16:33 +0000

High CVE-2026-21511

Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

CVSS: 7.5 · CWE: CWE-502

View on NVD

[Medium] CVE-2026-21261 – Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to ...

Tue, 10 Feb 2026 18:16:28 +0000

Medium CVE-2026-21261

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVSS: 5.5 · CWE: CWE-125

View on NVD

[High] CVE-2026-21260 – Exposure of sensitive information to an unauthorized actor in Microsoft Office O...

Tue, 10 Feb 2026 18:16:27 +0000

High CVE-2026-21260

Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

CVSS: 7.5 · CWE: CWE-200

View on NVD

[High] CVE-2026-21259 – Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized atta...

Tue, 10 Feb 2026 18:16:27 +0000

High CVE-2026-21259

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.

CVSS: 7.8 · CWE: CWE-122

View on NVD

[Medium] CVE-2026-21258 – Improper input validation in Microsoft Office Excel allows an unauthorized attac...

Tue, 10 Feb 2026 18:16:27 +0000

Medium CVE-2026-21258

Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVSS: 5.5 · CWE: CWE-20

View on NVD

[Medium] CVE-2026-23623 – Collabora Online is a collaborative online office suite based on LibreOffice tec...

Fri, 06 Feb 2026 00:15:56 +0000

Medium CVE-2026-23623

Collabora Online is a collaborative online office suite based on LibreOffice technology. Prior to Collabora Online Development Edition version 25.04.08.2 and prior to Collabora Online versions 23.05.20.1, 24.04.17.3, and 25.04.7.5, a user with view-only rights and no download privileges can obtain a local copy of a shared file. Although there are no corresponding buttons in the interface, pressin…

CVSS: 5.3 · CWE: CWE-285

View on NVD

[High] CVE-2026-25512 – Group-Office is an enterprise customer relationship management and groupware too...

Wed, 04 Feb 2026 21:16:02 +0000

High CVE-2026-25512

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, there is a remote code execution (RCE) vulnerability in Group-Office. The endpoint email/message/tnefAttachmentFromTempFile directly concatenates the user-controlled parameter tmp_file into an exec() call. By injecting shell metacharacters into tmp_file, an authentica…

CVSS: 8.8 · CWE: CWE-78

View on NVD

[Medium] CVE-2026-25511 – Group-Office is an enterprise customer relationship management and groupware too...

Wed, 04 Feb 2026 21:16:02 +0000

Medium CVE-2026-25511

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, an authenticated user within the System Administrator group can trigger a full SSRF via the WOPI service discovery URL, including access to internal hosts/ports. The SSRF response body can be exfiltrated via the built‑in debug system, turning it into a visible SSRF. T…

CVSS: 4.9 · CWE: CWE-918

View on NVD

[High] CVE-2025-29867 – Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in H...

Wed, 04 Feb 2026 05:16:06 +0000

High CVE-2025-29867

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Hancom Inc. Hancom Office 2018, Hancom Inc. Hancom Office 2020, Hancom Inc. Hancom Office 2022, Hancom Inc. Hancom Office 2024 allows File Content Injection.This issue affects Hancom Office 2018: before 10.0.0.12681; Hancom Office 2020: before 11.0.0.8916; Hancom Office 2022: before 12.0.0.4426; Hancom Office 2024: bef…

CVSS: 8.5 · CWE: CWE-843

View on NVD

[High] CVE-2026-25134 – Group-Office is an enterprise customer relationship management and groupware too...

Mon, 02 Feb 2026 23:16:09 +0000

High CVE-2026-25134

Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5, the MaintenanceController exposes an action zipLanguage which takes a lang parameter and passes it directly to a system zip command via exec(). This can be combined with uploading a crafted zip file to achieve remote code execution. This vulnerability is fixed in 6.8.150, 25.0…

CVSS: 8.8 · CWE: CWE-88

View on NVD

[High] CVE-2026-21509 – Reliance on untrusted inputs in a security decision in Microsoft Office allows a...

Mon, 26 Jan 2026 18:16:38 +0000

High CVE-2026-21509

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.

CVSS: 7.8 · CWE: CWE-807

View on NVD

[Medium] CVE-2026-23887 – Group-Office is an enterprise customer relationship management and groupware too...

Thu, 22 Jan 2026 00:15:51 +0000

Medium CVE-2026-23887

Group-Office is an enterprise customer relationship management and groupware tool. In versions 6.8.148 and below, and 25.0.1 through 25.0.79, the application stores unsanitized filenames in the database, which can lead to Stored Cross-Site Scripting (XSS). Users who interact with these specially crafted file names within the Group-Office application are affected. While the scope is limited to the…

CVSS: 5.4 · CWE: CWE-20

View on NVD

[Critical] CVE-2025-14237 – Buffer overflow in XPS font parse processing on Small Office Multifunction Print...

Fri, 16 Jan 2026 00:16:28 +0000

Critical CVE-2025-14237

Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230…

CVSS: 9.8 · CWE: CWE-787

View on NVD

[Critical] CVE-2025-14236 – Buffer overflow in Address Book attribute tag processing on Small Office Multifu...

Fri, 16 Jan 2026 00:16:28 +0000

Critical CVE-2025-14236

Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series…

CVSS: 9.8 · CWE: CWE-787

View on NVD

[Critical] CVE-2025-14235 – Buffer overflow in XPS font fpgm data processing on Small Office Multifunction P...

Fri, 16 Jan 2026 00:16:27 +0000

Critical CVE-2025-14235

Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LB…

CVSS: 9.8 · CWE: CWE-787

View on NVD

[Critical] CVE-2025-14234 – Buffer overflow in CPCA list processing on Small Office Multifunction Printers a...

Fri, 16 Jan 2026 00:16:27 +0000

Critical CVE-2025-14234

Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Seri…

CVSS: 9.8 · CWE: CWE-787

View on NVD

[Critical] CVE-2025-14233 – Invalid free in CPCA file deletion processing on Small Office Multifunction Prin...

Fri, 16 Jan 2026 00:16:27 +0000

Critical CVE-2025-14233

Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP23…

CVSS: 9.8 · CWE: CWE-763

View on NVD

[Critical] CVE-2025-14232 – Buffer overflow in XML processing of XPS file in Small Office Multifunction Prin...

Fri, 16 Jan 2026 00:16:27 +0000

Critical CVE-2025-14232

Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP23…

CVSS: 9.8 · CWE: CWE-787

View on NVD

[Critical] CVE-2025-14231 – Buffer overflow in print job processing by WSD on Small Office Multifunction Pri...

Fri, 16 Jan 2026 00:16:27 +0000

Critical CVE-2025-14231

Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP2…

CVSS: 9.8 · CWE: CWE-787

View on NVD

[Critical] CVE-2026-20963 – Deserialization of untrusted data in Microsoft Office SharePoint allows an unaut...

Tue, 13 Jan 2026 18:16:24 +0000

Critical CVE-2026-20963

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.

CVSS: 9.8 · CWE: CWE-502

View on NVD

[Medium] CVE-2026-20959 – Improper neutralization of input during web page generation ('cross-site scripti...

Tue, 13 Jan 2026 18:16:23 +0000

Medium CVE-2026-20959

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVSS: 4.6 · CWE: CWE-79

View on NVD

[Medium] CVE-2026-20958 – Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an auth...

Tue, 13 Jan 2026 18:16:23 +0000

Medium CVE-2026-20958

Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network.

CVSS: 5.4 · CWE: CWE-918

View on NVD

[High] CVE-2026-20957 – Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unaut...

Tue, 13 Jan 2026 18:16:23 +0000

High CVE-2026-20957

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-122

View on NVD

[High] CVE-2026-20956 – Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized a...

Tue, 13 Jan 2026 18:16:23 +0000

High CVE-2026-20956

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-822

View on NVD

[High] CVE-2026-20955 – Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized a...

Tue, 13 Jan 2026 18:16:23 +0000

High CVE-2026-20955

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS: 7.8 · CWE: CWE-822

View on NVD

[High] CVE-2026-20953 – Use after free in Microsoft Office allows an unauthorized attacker to execute co...

Tue, 13 Jan 2026 18:16:23 +0000

High CVE-2026-20953

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-416

View on NVD

[High] CVE-2026-20952 – Use after free in Microsoft Office allows an unauthorized attacker to execute co...

Tue, 13 Jan 2026 18:16:22 +0000

High CVE-2026-20952

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS: 8.4 · CWE: CWE-416

View on NVD