Description
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Published: 2026-01-13
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: Local code execution
Action: Immediate Patch
AI Analysis

Impact

An out-of-bounds read occurs in Microsoft Office Word when a specially crafted document is opened, allowing an attacker to execute arbitrary code locally with the privileges of the user. This results in a compromise of the confidentiality, integrity, and availability of the system, as the attacker could install malware, exfiltrate data, or alter system settings.

Affected Systems

The vulnerability impacts Microsoft 365 Apps for Enterprise, Microsoft Office LTSC for Mac 2021, and Microsoft Office LTSC for Mac 2024 users. All affected versions of these products are listed in the CNA product matrix.

Risk and Exploitability

The flaw carries a CVSS score of 8.4, classifying it as high severity, while the EPSS score is below 1%, indicating a low current exploitation probability. It is not listed in CISA’s KEV catalog. Attackers could trigger the exploit by delivering a malicious Word document via phishing, social engineering, or unsecured downloads, leading to local code execution on the victim’s machine.

Generated by OpenCVE AI on April 16, 2026 at 08:16 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Apply the vendor’s latest Office update released through Microsoft Intune or the Microsoft Update service.
  • Configure Office to automatically install available updates and verify that the update for CVE‑2026‑20944 is in place.
  • Enable application control or sandboxing for Office to prevent execution of unauthorized code when opening documents.

Advisories

No advisories yet.

History

Fri, 16 Jan 2026 16:30:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Microsoft office Long Term Servicing Channel
CPEs                |                | cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*
                    |                | cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*
                    |                | cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
                    |                | cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*
Vendors & Products  |                | Microsoft office Long Term Servicing Channel

Thu, 15 Jan 2026 00:15:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 13 Jan 2026 18:15:00 +0000

Type                | Values Removed | Values Added
Description         |                | Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Title               |                | Microsoft Word Remote Code Execution Vulnerability
First Time appeared |                | Microsoft
                    |                | Microsoft 365 Apps
                    |                | Microsoft office Macos 2021
                    |                | Microsoft office Macos 2024
Weaknesses          |                | CWE-125
CPEs                |                | cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*
                    |                | cpe:2.3:a:microsoft:office_macos_2021:*:*:*:*:*:long_term_servicing_channel:*:*
                    |                | cpe:2.3:a:microsoft:office_macos_2024:*:*:*:*:*:long_term_servicing_channel:*:*
Vendors & Products  |                | Microsoft
                    |                | Microsoft 365 Apps
                    |                | Microsoft office Macos 2021
                    |                | Microsoft office Macos 2024
References          |                |
Metrics             |                | cvssV3_1: {'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-01T13:48:55.631Z

Reserved: 2025-12-04T20:04:16.339Z

Link: CVE-2026-20944

Vulnrichment

Updated: 2026-01-13T19:32:44.080Z

NVD

Status : Analyzed

Published: 2026-01-13T18:16:21.850

Modified: 2026-01-16T16:15:25.740

Link: CVE-2026-20944

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T08:30:29Z

Weaknesses