Description
External control of file name or path in Microsoft Office Word allows an unauthorized attacker to disclose information over a network.
Published: 2026-05-12
Score: 4.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Microsoft Word allows an attacker to provide an external file name or path that bypasses normal access control, enabling the disclosure of sensitive information on a network. The weakness is a classic external control of file or directory path scenario (CWE‑73). An exploit could allow an unauthenticated user to read arbitrary files accessible to the host, potentially leaking confidential data.

Affected Systems

The vulnerability affects Microsoft 365 Apps for Enterprise, Microsoft Office 2019, Microsoft Office LTSC 2021, Microsoft Office LTSC 2024, and Microsoft Word 2016. No specific version ranges are listed, so all currently installed instances of the above products are considered vulnerable until upgraded.

Risk and Exploitability

The CVSS score of 4.3 indicates a moderate severity with limited impact on confidentiality and availability. EPSS data is not available, and the vulnerability is not listed in CISA KEV. The likely attack vector is remote access; an attacker who can influence the file name or path seen by Word can exploit the flaw over the network. Because the vulnerability requires only external file path manipulation, the conditions for exploitation are relatively low, but the potential for sensitive data exposure remains. Overall risk is moderate, warranting monitoring and prompt remediation as part of a broader vulnerability management strategy.

Generated by OpenCVE AI on May 12, 2026 at 20:07 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Microsoft Office and Word security updates that address the external file path control issue (recommended via Windows Update or the Office update mechanism).
  • If an immediate patch is not available, configure Office group policies to disable processing of external file links or restrict network access to directories that can be referenced by Word.
  • Monitor file access logs and network traffic for anomalous attempts to read privileged files through Word, and respond to detected incidents promptly.

Generated by OpenCVE AI on May 12, 2026 at 20:07 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 17:30:00 +0000

Type Values Removed Values Added
Description External control of file name or path in Microsoft Office Word allows an unauthorized attacker to disclose information over a network.
Title Microsoft Word Information Disclosure Vulnerability
First Time appeared Microsoft
Microsoft 365 Apps
Microsoft office 2019
Microsoft office 2021
Microsoft office 2024
Microsoft word 2016
Weaknesses CWE-73
CPEs cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:microsoft:office_2019:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_2021:*:*:*:*:long_term_servicing_channel:*:*:*
cpe:2.3:a:microsoft:office_2024:*:*:*:*:long_term_servicing_channel:*:*:*
cpe:2.3:a:microsoft:word_2016:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft 365 Apps
Microsoft office 2019
Microsoft office 2021
Microsoft office 2024
Microsoft word 2016
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C'}

Subscriptions

Microsoft 365 Apps Office 2019 Office 2021 Office 2024 Word 2016
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-05-12T17:53:47.896Z

Reserved: 2026-04-13T00:27:50.799Z

Link: CVE-2026-40421

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-12T18:17:20.320

Modified: 2026-05-12T18:17:20.320

Link: CVE-2026-40421

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T23:00:10Z

Weaknesses