Microsoft Excel 2016
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Excel 2016.
By the Year
In 2026 there have been 6 vulnerabilities in Microsoft Excel 2016 with an average score of 7.0 out of ten. Last year, in 2025 Excel 2016 had 55 security vulnerabilities published. Right now, Excel 2016 is on track to have less security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 0.61
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 6 | 7.03 |
| 2025 | 55 | 7.65 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 6 | 7.20 |
It may take a day or so for new Excel 2016 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Excel 2016 Security Vulnerabilities
Feb 2026: Microsoft Excel Information Disclosure Vulnerability
CVE-2026-21261
5.5 - Medium
- February 10, 2026
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Out-of-bounds Read
Feb 2026: Microsoft Excel Information Disclosure Vulnerability
CVE-2026-21258
5.5 - Medium
- February 10, 2026
Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Improper Input Validation
Feb 2026: Microsoft Excel Elevation of Privilege Vulnerability
CVE-2026-21259
7.8 - High
- February 10, 2026
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.
Heap-based Buffer Overflow
Jan 2026: Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-20957
7.8 - High
- January 13, 2026
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Integer underflow
Jan 2026: Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-20950
7.8 - High
- January 13, 2026
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Jan 2026: Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-20946
7.8 - High
- January 13, 2026
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Out-of-bounds Read
Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62560
7.8 - High
- December 09, 2025
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Untrusted Pointer Dereference
Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62556
7.8 - High
- December 09, 2025
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Untrusted Pointer Dereference
Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62553
7.8 - High
- December 09, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62564
7.8 - High
- December 09, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Out-of-bounds Read
Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62563
7.8 - High
- December 09, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62561
7.8 - High
- December 09, 2025
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Untrusted Pointer Dereference
Nov 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62203
7.8 - High
- November 11, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Nov 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-62202
7.1 - High
- November 11, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Out-of-bounds Read
Nov 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62201
7.8 - High
- November 11, 2025
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Heap-based Buffer Overflow
Nov 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62200
7.8 - High
- November 11, 2025
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Untrusted Pointer Dereference
Nov 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-59240
5.5 - Medium
- November 11, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Information Disclosure
Nov 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-60727
7.8 - High
- November 11, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Out-of-bounds Read
Nov 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-60726
7.1 - High
- November 11, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Out-of-bounds Read
Oct 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-59232
7.1 - High
- October 14, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Out-of-bounds Read
Oct 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59225
7.8 - High
- October 14, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Oct 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59224
7.8 - High
- October 14, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Oct 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59223
7.8 - High
- October 14, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Oct 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-59235
7.1 - High
- October 14, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Out-of-bounds Read
Oct 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59233
7.8 - High
- October 14, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Object Type Confusion
Oct 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59231
7.8 - High
- October 14, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Object Type Confusion
Sep 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-54901
5.5 - Medium
- September 09, 2025
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Buffer Over-read
Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54900
7.8 - High
- September 09, 2025
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Heap-based Buffer Overflow
Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54904
7.8 - High
- September 09, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54903
7.8 - High
- September 09, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54899
7.8 - High
- September 09, 2025
Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Free of Memory not on the Heap
Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54902
7.8 - High
- September 09, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Out-of-bounds Read
Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54898
7.8 - High
- September 09, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Out-of-bounds Read
Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54896
7.8 - High
- September 09, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53735
7.8 - High
- August 12, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53737
7.8 - High
- August 12, 2025
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Heap-based Buffer Overflow
Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53739
7.8 - High
- August 12, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Object Type Confusion
Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53741
7.8 - High
- August 12, 2025
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Heap-based Buffer Overflow
Jul 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-48812
5.5 - Medium
- July 08, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Out-of-bounds Read
Jul 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-49711
7.8 - High
- July 08, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Jun 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-47165
7.8 - High
- June 10, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-30383
7.8 - High
- May 13, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Object Type Confusion
May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-32704
8.4 - High
- May 13, 2025
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Buffer Over-read
May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-30381
7.8 - High
- May 13, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Out-of-bounds Read
May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-30376
7.8 - High
- May 13, 2025
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Heap-based Buffer Overflow
May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-30379
7.8 - High
- May 13, 2025
Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Release of Invalid Pointer or Reference
May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-29977
7.8 - High
- May 13, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-30375
7.8 - High
- May 13, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Object Type Confusion
Apr 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-27750
7.8 - High
- April 08, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Apr 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-27751
7.8 - High
- April 08, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Dangling pointer
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Excel 2016 or by Microsoft? Click the Watch button to subscribe.
