Description
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
Published: 2026-05-12
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a heap-based buffer overflow in Microsoft Office that allows an unauthorized attacker to execute code locally. This memory corruption flaw can lead to arbitrary code execution on the affected machine, granting the attacker control over the Office process with the privileges of the logged‑in user.

Affected Systems

The vulnerability affects Microsoft 365 Apps for Enterprise, Office 2016, Office 2019, Office LTSC 2021, Office LTSC 2024, Office LTSC for Mac 2021, and Office LTSC for Mac 2024. All indicated versions are impacted; no specific patch level is provided in the CIA source, so any installation of these products may be vulnerable.

Risk and Exploitability

The CVSS score of 8.4 reflects high severity, indicating the potential for significant compromise if the flaw is used. The EPSS score of 0.057% indicates a very low likelihood of exploitation at this time, and the vulnerability is not listed in the CISA KEV catalog, so there is currently no evidence of widespread exploitation. The likely attack vector is local, requiring the attacker to run malicious code or documents on the target machine. No remote attack path is described in the available data.

Generated by OpenCVE AI on June 1, 2026 at 21:31 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Microsoft Office update that addresses CVE-2026-40358
  • Restrict macro and add‑in execution or isolate the application process until a patch is available
  • Monitor for indicators of use‑after‑free exploitation and enforce least privilege on Office processes

Generated by OpenCVE AI on June 1, 2026 at 21:31 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 19:00:00 +0000

Type Values Removed Values Added
Description Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Tue, 19 May 2026 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft office
Microsoft office Long Term Servicing Channel
CPEs cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*
cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*
cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x64:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:x86:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x64:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:-:x86:*
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024:*:*:*:*:macos:*:*
Vendors & Products Microsoft office
Microsoft office Long Term Servicing Channel

Wed, 13 May 2026 10:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 12 May 2026 17:30:00 +0000

Type Values Removed Values Added
Description Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Title Microsoft Office Remote Code Execution Vulnerability
First Time appeared Microsoft
Microsoft 365 Apps
Microsoft office 2016
Microsoft office 2019
Microsoft office 2021
Microsoft office 2024
Microsoft office Macos 2021
Microsoft office Macos 2024
Weaknesses CWE-416
CPEs cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:microsoft:office_2016:*:*:*:*:*:*:x86:*
cpe:2.3:a:microsoft:office_2019:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_2021:*:*:*:*:long_term_servicing_channel:*:*:*
cpe:2.3:a:microsoft:office_2024:*:*:*:*:long_term_servicing_channel:*:*:*
cpe:2.3:a:microsoft:office_macos_2021:*:*:*:*:*:long_term_servicing_channel:*:*
cpe:2.3:a:microsoft:office_macos_2024:*:*:*:*:*:long_term_servicing_channel:*:*
Vendors & Products Microsoft
Microsoft 365 Apps
Microsoft office 2016
Microsoft office 2019
Microsoft office 2021
Microsoft office 2024
Microsoft office Macos 2021
Microsoft office Macos 2024
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}

Subscriptions

Microsoft 365 Apps Office Office 2016 Office 2019 Office 2021 Office 2024 Office Long Term Servicing Channel Office Macos 2021 Office Macos 2024
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-06-02T23:17:08.919Z

Reserved: 2026-04-11T23:06:15.614Z

Link: CVE-2026-40358

cve-icon Vulnrichment

Updated: 2026-05-13T09:59:04.002Z

cve-icon NVD

Status : Modified

Published: 2026-05-12T18:17:14.543

Modified: 2026-06-01T19:16:34.033

Link: CVE-2026-40358

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-01T21:45:22Z

Weaknesses