Description
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Published: 2026-04-14
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A use-after-free flaw in Microsoft Office Word allows an attacker to execute arbitrary code with the privileges of the user who opens a malicious document. Word accesses memory after it has been freed, which an attacker can use to influence Word's processing and run code of their choosing. This can compromise the confidentiality, integrity, and availability of the victim's data and system. The weakness is classified under CWE-416.

Affected Systems

Microsoft 365 Apps for Enterprise and Microsoft Office LTSC 2024 are affected. All current releases within these product families are at risk, as no specific sub-versions are listed. Users of these Office deployments should consider themselves potentially exposed.

Risk and Exploitability

The CVSS base score of 7.8 denotes high severity. An EPSS score is not published and the vulnerability is not in the CISA KEV catalog, but the lack of these metrics does not reduce the practical risk. Based on the description, it is inferred that the attacker must supply a specially crafted Word document that an end user opens, so the attack vector is local (the user opens the file) even though the document itself may be delivered remotely via email or file transfer. If exploited, the attacker obtains full control within the user's session, allowing further lateral movement or persistence.

Generated by OpenCVE AI on April 14, 2026 at 19:16 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Office update from Microsoft’s update guide.
  • If the update has not yet been released, refrain from opening unknown or untrusted Word documents until a patch is available.
  • Use email filtering rules or sandboxing to block or quarantine malicious DOCX files.
  • Monitor for anomalous Office process activity with endpoint protection solutions.



Advisories

No advisories yet.

History

Wed, 29 Apr 2026 19:15:00 +0000

Type / Values Removed / Values Added

First Time appeared:
  Microsoft office Long Term Servicing Channel

CPEs:
  cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*
  cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*
  cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*
  cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*

Vendors & Products:
  Microsoft office Long Term Servicing Channel

Wed, 15 Apr 2026 15:15:00 +0000

Type / Values Removed / Values Added

First Time appeared:
  Microsoft microsoft 365 Apps For Enterprise

Vendors & Products:
  Microsoft microsoft 365 Apps For Enterprise

Wed, 15 Apr 2026 10:15:00 +0000

Type / Values Removed / Values Added

Metrics (ssvc):
  {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 14 Apr 2026 17:30:00 +0000

Type / Values Removed / Values Added

Description:
  Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Title:
  Microsoft Word Remote Code Execution Vulnerability

First Time appeared:
  Microsoft
  Microsoft 365 Apps
  Microsoft office 2024

Weaknesses:
  CWE-416

CPEs:
  cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*
  cpe:2.3:a:microsoft:office_2024:*:*:*:*:long_term_servicing_channel:*:*:*

Vendors & Products:
  Microsoft
  Microsoft 365 Apps
  Microsoft office 2024

References:

Metrics (cvssV3_1):
  {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-30T14:41:47.914Z

Reserved: 2026-01-14T16:59:33.463Z

Link: CVE-2026-23657

Vulnrichment

Updated: 2026-04-15T09:08:56.554Z

NVD

Status: Analyzed

Published: 2026-04-14T18:16:44.327

Modified: 2026-04-29T19:11:56.700

Link: CVE-2026-23657

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-15T15:00:06Z

Weaknesses