CVE-2026-56192

Published Jul 14, 2026

Last updated 7 hours ago

Overview

Description
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
Source
secure@microsoft.com
NVD status
Analyzed
Products
365_apps, microsoft_365, office_2016, office_2019, office_2021, office_2024, sharepoint_server

Risk scores

CVSS 3.1

Type
Secondary
Base score
5.5
Impact score
3.6
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Severity
MEDIUM

Weaknesses

secure@microsoft.com
CWE-125

Social media

Hype score
Not currently trending

Configurations

References

Sources include official advisories and independent security research.