CVE-2026-23657

Name of the Vulnerable Software and Affected Versions Microsoft 365 Apps for Enterprise versions 16.0.1 through 16.0.1

Description A use-after-free issue in Microsoft Office Word allows an unauthorized attacker to achieve local remote code execution. This occurs by tricking a user into opening a malicious document that triggers memory corruption during processing. Use-after-free is a condition where a program continues to use a pointer after it has been freed, which can lead to crashes or arbitrary code execution.

Recommendations Update Microsoft 365 Apps for Enterprise to a version newer than 16.0.1.