Excel 2016 Microsoft Excel 2016

  1. Vendors
  2. Microsoft
  3. Excel 2016

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Excel 2016.

By the Year

In 2026 there have been 6 vulnerabilities in Microsoft Excel 2016 with an average score of 7.0 out of ten. Last year, in 2025 Excel 2016 had 41 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Excel 2016 in 2026 could surpass last years number. Last year, the average CVE base score was greater by 0.59

Year Vulnerabilities Average Score
2026 6 7.03
2025 41 7.62

It may take a day or so for new Excel 2016 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Excel 2016 Security Vulnerabilities

Feb 2026: Microsoft Excel Information Disclosure Vulnerability
CVE-2026-21261 5.5 - Medium - February 10, 2026

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Out-of-bounds Read

Feb 2026: Microsoft Excel Information Disclosure Vulnerability
CVE-2026-21258 5.5 - Medium - February 10, 2026

Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Improper Input Validation

Feb 2026: Microsoft Excel Elevation of Privilege Vulnerability
CVE-2026-21259 7.8 - High - February 10, 2026

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.

Heap-based Buffer Overflow

Jan 2026: Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-20957 7.8 - High - January 13, 2026

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Integer underflow

Jan 2026: Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-20950 7.8 - High - January 13, 2026

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Jan 2026: Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-20946 7.8 - High - January 13, 2026

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Out-of-bounds Read

Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62560 7.8 - High - December 09, 2025

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Untrusted Pointer Dereference

Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62556 7.8 - High - December 09, 2025

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Untrusted Pointer Dereference

Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62553 7.8 - High - December 09, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62564 7.8 - High - December 09, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Out-of-bounds Read

Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62563 7.8 - High - December 09, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Dec 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62561 7.8 - High - December 09, 2025

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Untrusted Pointer Dereference

Nov 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62203 7.8 - High - November 11, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Nov 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-62202 7.1 - High - November 11, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Out-of-bounds Read

Nov 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62201 7.8 - High - November 11, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Nov 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-62200 7.8 - High - November 11, 2025

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Untrusted Pointer Dereference

Nov 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-59240 5.5 - Medium - November 11, 2025

Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Information Disclosure

Nov 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-60727 7.8 - High - November 11, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Out-of-bounds Read

Nov 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-60726 7.1 - High - November 11, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Out-of-bounds Read

Oct 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-59232 7.1 - High - October 14, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Out-of-bounds Read

Oct 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59225 7.8 - High - October 14, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Oct 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59224 7.8 - High - October 14, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Oct 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59223 7.8 - High - October 14, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Oct 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-59235 7.1 - High - October 14, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Out-of-bounds Read

Oct 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59233 7.8 - High - October 14, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Object Type Confusion

Oct 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59231 7.8 - High - October 14, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Object Type Confusion

Sep 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-54901 5.5 - Medium - September 09, 2025

Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Buffer Over-read

Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54900 7.8 - High - September 09, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54904 7.8 - High - September 09, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54903 7.8 - High - September 09, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54899 7.8 - High - September 09, 2025

Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Free of Memory not on the Heap

Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54902 7.8 - High - September 09, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Out-of-bounds Read

Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54898 7.8 - High - September 09, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Out-of-bounds Read

Sep 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-54896 7.8 - High - September 09, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53735 7.8 - High - August 12, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53741 7.8 - High - August 12, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53739 7.8 - High - August 12, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Object Type Confusion

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53737 7.8 - High - August 12, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24075 7.8 - High - March 11, 2025

Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Stack Overflow

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24081 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24082 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21390 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21394 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21387 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21386 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Feb 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-21383 7.8 - High - February 11, 2025

Microsoft Excel Information Disclosure Vulnerability

Out-of-bounds Read

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21381 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Untrusted Pointer Dereference

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Excel 2016 or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Excel 2016
Product

subscribe