Office Online Server Microsoft Office Online Server

  1. Vendors
  2. Microsoft
  3. Office Online Server

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Office Online Server.

Recent Microsoft Office Online Server Security Advisories

Advisory Title Published
CVE-2021-34451 Microsoft Office Online Server Spoofing Vulnerability July 13, 2021

By the Year

In 2026 there have been 0 vulnerabilities in Microsoft Office Online Server. Last year, in 2025 Office Online Server had 30 security vulnerabilities published. Right now, Office Online Server is on track to have less security vulnerabilities in 2026 than it did last year.




Year Vulnerabilities Average Score
2026 0 0.00
2025 30 7.80
2024 3 7.80
2023 11 7.65
2022 13 6.89
2021 30 7.41
2020 30 7.32
2019 10 8.80
2018 6 7.80

It may take a day or so for new Office Online Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Office Online Server Security Vulnerabilities

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53735 7.8 - High - August 12, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53737 7.8 - High - August 12, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53739 7.8 - High - August 12, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Object Type Confusion

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53741 7.8 - High - August 12, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53759 7.8 - High - August 12, 2025

Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Use of Uninitialized Resource

Jul 2025: Microsoft Excel Information Disclosure Vulnerability
CVE-2025-48812 5.5 - Medium - July 08, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Out-of-bounds Read

Jul 2025: Microsoft Office Remote Code Execution Vulnerability
CVE-2025-49697 8.4 - High - July 08, 2025

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Jul 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-49711 7.8 - High - July 08, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Jun 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-47165 7.8 - High - June 10, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-30383 7.8 - High - May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Object Type Confusion

May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-30376 7.8 - High - May 13, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

May 2025: Microsoft Office Remote Code Execution Vulnerability
CVE-2025-30377 8.4 - High - May 13, 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Dangling pointer

May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-30379 7.8 - High - May 13, 2025

Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Release of Invalid Pointer or Reference

May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-30381 7.8 - High - May 13, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Out-of-bounds Read

May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-29977 7.8 - High - May 13, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-29979 7.8 - High - May 13, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

May 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-30375 7.8 - High - May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Object Type Confusion

Apr 2025: Microsoft Office Remote Code Execution Vulnerability
CVE-2025-27746 7.8 - High - April 08, 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Dangling pointer

Apr 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-27751 7.8 - High - April 08, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Apr 2025: Microsoft Office Remote Code Execution Vulnerability
CVE-2025-26642 7.8 - High - April 08, 2025

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

Out-of-bounds Read

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24075 7.8 - High - March 11, 2025

Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Stack Overflow

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24081 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24082 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21381 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Untrusted Pointer Dereference

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21386 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21390 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21394 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21387 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Jan 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21354 8.4 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability

Untrusted Pointer Dereference

Jan 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21362 8.4 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49026 7.8 - High - November 12, 2024

Microsoft Excel Remote Code Execution Vulnerability

Command Injection

Microsoft Excel Elevation of Privilege Vulnerability CVE-2024-43465
CVE-2024-43465 7.8 - High - September 10, 2024

Microsoft Excel Elevation of Privilege Vulnerability

Dangling pointer

Microsoft Excel RCE Vulnerability
CVE-2024-30042 7.8 - High - May 14, 2024

Microsoft Excel Remote Code Execution Vulnerability

Sep 2023: Microsoft Excel Information Disclosure Vulnerability
CVE-2023-36766 7.8 - High - September 12, 2023

Microsoft Excel Information Disclosure Vulnerability

Out-of-bounds Read

Microsoft Excel RCE via Cell Formatting Exploit
CVE-2023-36896 7.8 - High - August 08, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Office RCE Vulnerability CVE-2023-35371
CVE-2023-35371 7.8 - High - August 08, 2023

Microsoft Office Remote Code Execution Vulnerability

Excel Info Disclosure via CSV Import (CVE-2023-33162)
CVE-2023-33162 5.5 - Medium - July 11, 2023

Microsoft Excel Information Disclosure Vulnerability

Microsoft Excel RCE via Formula Parsing (CVE-2023-33137)
CVE-2023-33137 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Jun 2023: Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33133 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Jun 2023: Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-32029 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Out-of-bounds Read

Microsoft Excel RCE Vulnerability CVE-2023-24953
CVE-2023-24953 7.8 - High - May 09, 2023

Microsoft Excel Remote Code Execution Vulnerability

MS Excel DoS via Malformed Input
CVE-2023-23396 6.5 - Medium - March 14, 2023

Microsoft Excel Denial of Service Vulnerability

Resource Exhaustion

Microsoft Excel RCE via CVE-2023-23399
CVE-2023-23399 7.8 - High - March 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Word RCE via Vulnerable Component
CVE-2023-21716 9.8 - Critical - February 14, 2023

Microsoft Word Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-41106 8.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Word Info Disclosure Vulnerability
CVE-2022-41103 5.5 - Medium - November 09, 2022

Microsoft Word Information Disclosure Vulnerability

Microsoft Excel RCE CVE-2022-41063
CVE-2022-41063 7.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

MS Word RCE via Malicious OLE File
CVE-2022-41061 7.8 - High - November 09, 2022

Microsoft Word Remote Code Execution Vulnerability

Microsoft Word Info Disclosure via Malformed File
CVE-2022-41060 5.5 - Medium - November 09, 2022

Microsoft Word Information Disclosure Vulnerability

Microsoft Excel RCE CVE-2022-33648
CVE-2022-33648 7.8 - High - August 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Office Online Server or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Office Online Server
Product

subscribe