PT-2026-24317 · Microsoft · Office Excel

Publicado

2026-03-10

Atualizado

2026-04-07

CVE-2026-26107

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel (affected versions not specified) Microsoft Office Microsoft 365 Apps for Enterprise Microsoft Office Online Server

Description A use-after-free issue exists in Microsoft Office Excel, Microsoft Office, Microsoft 365 Apps for Enterprise, and Microsoft Office Online Server. This flaw could allow an unauthorized attacker to execute code locally. The vulnerability enables remote attackers to execute arbitrary code and affect the system. The issue involves the use of memory after it has been freed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

BDU:2026-02975

CVE-2026-26107

Produtos afetados

Office Excel

PT-2026-24317 · Microsoft · Office Excel

CVE-2026-26107

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10