Microsoft Office Online Server

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Office Online Server.

Recent Microsoft Office Online Server Security Advisories

Advisory	Title	Published
CVE-2021-34451	Microsoft Office Online Server Spoofing Vulnerability	July 13, 2021

By the Year

In 2025 there have been 18 vulnerabilities in Microsoft Office Online Server with an average score of 7.8 out of ten. Last year, in 2024 Office Online Server had 3 security vulnerabilities published. That is, 15 more vulnerabilities have already been reported in 2025 as compared to last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.03.

Year	Vulnerabilities	Average Score
2025	18	7.83
2024	3	7.80
2023	11	7.45
2022	13	6.89
2021	30	7.41
2020	29	7.31
2019	10	7.29
2018	6	6.82

It may take a day or so for new Office Online Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Office Online Server Security Vulnerabilities

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel

CVE-2025-30383 7.8 - High - May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Object Type Confusion

Heap-based buffer overflow in Microsoft Office Excel

CVE-2025-30376 7.8 - High - May 13, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Memory Corruption

Use after free in Microsoft Office

CVE-2025-30377 7.8 - High - May 13, 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Dangling pointer

Release of invalid pointer or reference in Microsoft Office Excel

CVE-2025-30379 7.8 - High - May 13, 2025

Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Release of Invalid Pointer or Reference

Out-of-bounds read in Microsoft Office Excel

CVE-2025-30381 7.8 - High - May 13, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Out-of-bounds Read

Use after free in Microsoft Office Excel

CVE-2025-29977 7.8 - High - May 13, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Heap-based buffer overflow in Microsoft Office Excel

CVE-2025-29979 7.8 - High - May 13, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Memory Corruption

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel

CVE-2025-30375 7.8 - High - May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Object Type Confusion

Stack-based buffer overflow in Microsoft Office Excel

CVE-2025-24075 7.8 - High - March 11, 2025

Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Stack Overflow

Use after free in Microsoft Office Excel

CVE-2025-24081 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Use after free in Microsoft Office Excel

CVE-2025-24082 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21381 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Untrusted Pointer Dereference

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21386 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21390 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21394 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21387 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21354 7.8 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability

Untrusted Pointer Dereference

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21362 8.4 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability

CVE-2024-49026 7.8 - High - November 12, 2024

Microsoft Excel Remote Code Execution Vulnerability

Command Injection

Microsoft Excel Elevation of Privilege Vulnerability

CVE-2024-43465 7.8 - High - September 10, 2024

Microsoft Excel Elevation of Privilege Vulnerability

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability

CVE-2024-30042 7.8 - High - May 14, 2024

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Information Disclosure Vulnerability

CVE-2023-36766 5.5 - Medium - September 12, 2023

Microsoft Excel Information Disclosure Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-36896 7.8 - High - August 08, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Office Remote Code Execution Vulnerability

CVE-2023-35371 7.8 - High - August 08, 2023

Microsoft Office Remote Code Execution Vulnerability

Microsoft Excel Information Disclosure Vulnerability

CVE-2023-33162 5.5 - Medium - July 11, 2023

Microsoft Excel Information Disclosure Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-32029 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-33133 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-33137 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-24953 7.8 - High - May 09, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Denial of Service Vulnerability

CVE-2023-23396 6.5 - Medium - March 14, 2023

Microsoft Excel Denial of Service Vulnerability

Resource Exhaustion

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-23399 7.8 - High - March 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Word Remote Code Execution Vulnerability

CVE-2023-21716 9.8 - Critical - February 14, 2023

Microsoft Word Remote Code Execution Vulnerability

Microsoft Word Information Disclosure Vulnerability

CVE-2022-41060 5.5 - Medium - November 09, 2022

Microsoft Word Information Disclosure Vulnerability

Microsoft Word Remote Code Execution Vulnerability

CVE-2022-41061 7.8 - High - November 09, 2022

Microsoft Word Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-41063 7.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Word Information Disclosure Vulnerability

CVE-2022-41103 5.5 - Medium - November 09, 2022

Microsoft Word Information Disclosure Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-41106 8.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-33648 7.8 - High - August 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30159 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30171 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30172 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-29109 7.8 - High - May 10, 2022

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-26901 7.8 - High - April 15, 2022

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Information Disclosure Vulnerability

CVE-2022-22716 5.5 - Medium - February 09, 2022

Microsoft Excel Information Disclosure Vulnerability

Buffer Overflow

Microsoft Office Remote Code Execution Vulnerability

CVE-2022-21840 8.8 - High - January 11, 2022

Microsoft Office Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-43256 7.8 - High - December 15, 2021

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-40442 7.8 - High - November 10, 2021

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Word Remote Code Execution Vulnerability

CVE-2021-40486 7.8 - High - October 13, 2021

Microsoft Word Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-40485 7.8 - High - October 13, 2021

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-40474 7.8 - High - October 13, 2021

Microsoft Excel Remote Code Execution Vulnerability

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Office Web Apps Server or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Office Online Server
Product

Microsoft Office Online Server

Don't miss out!

Recent Microsoft Office Online Server Security Advisories

By the Year

Recent Microsoft Office Online Server Security Vulnerabilities

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel CVE-2025-30383 7.8 - High - May 13, 2025

Heap-based buffer overflow in Microsoft Office Excel CVE-2025-30376 7.8 - High - May 13, 2025

Use after free in Microsoft Office CVE-2025-30377 7.8 - High - May 13, 2025

Release of invalid pointer or reference in Microsoft Office Excel CVE-2025-30379 7.8 - High - May 13, 2025

Out-of-bounds read in Microsoft Office Excel CVE-2025-30381 7.8 - High - May 13, 2025

Use after free in Microsoft Office Excel CVE-2025-29977 7.8 - High - May 13, 2025

Heap-based buffer overflow in Microsoft Office Excel CVE-2025-29979 7.8 - High - May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel CVE-2025-30375 7.8 - High - May 13, 2025

Stack-based buffer overflow in Microsoft Office Excel CVE-2025-24075 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel CVE-2025-24081 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel CVE-2025-24082 7.8 - High - March 11, 2025

Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21381 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21386 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21390 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21394 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21387 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21354 7.8 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21362 8.4 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability CVE-2024-49026 7.8 - High - November 12, 2024

Microsoft Excel Elevation of Privilege Vulnerability CVE-2024-43465 7.8 - High - September 10, 2024

Microsoft Excel Remote Code Execution Vulnerability CVE-2024-30042 7.8 - High - May 14, 2024

Microsoft Excel Information Disclosure Vulnerability CVE-2023-36766 5.5 - Medium - September 12, 2023

Microsoft Excel Remote Code Execution Vulnerability CVE-2023-36896 7.8 - High - August 08, 2023

Microsoft Office Remote Code Execution Vulnerability CVE-2023-35371 7.8 - High - August 08, 2023

Microsoft Excel Information Disclosure Vulnerability CVE-2023-33162 5.5 - Medium - July 11, 2023

Microsoft Excel Remote Code Execution Vulnerability CVE-2023-32029 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability CVE-2023-33133 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability CVE-2023-33137 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability CVE-2023-24953 7.8 - High - May 09, 2023

Microsoft Excel Denial of Service Vulnerability CVE-2023-23396 6.5 - Medium - March 14, 2023

Microsoft Excel Remote Code Execution Vulnerability CVE-2023-23399 7.8 - High - March 14, 2023

Microsoft Word Remote Code Execution Vulnerability CVE-2023-21716 9.8 - Critical - February 14, 2023

Microsoft Word Information Disclosure Vulnerability CVE-2022-41060 5.5 - Medium - November 09, 2022

Microsoft Word Remote Code Execution Vulnerability CVE-2022-41061 7.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability CVE-2022-41063 7.8 - High - November 09, 2022

Microsoft Word Information Disclosure Vulnerability CVE-2022-41103 5.5 - Medium - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability CVE-2022-41106 8.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability CVE-2022-33648 7.8 - High - August 09, 2022

Microsoft Office Information Disclosure Vulnerability CVE-2022-30159 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability CVE-2022-30171 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability CVE-2022-30172 5.5 - Medium - June 15, 2022

Microsoft Excel Remote Code Execution Vulnerability CVE-2022-29109 7.8 - High - May 10, 2022

Microsoft Excel Remote Code Execution Vulnerability CVE-2022-26901 7.8 - High - April 15, 2022

Microsoft Excel Information Disclosure Vulnerability CVE-2022-22716 5.5 - Medium - February 09, 2022

Microsoft Office Remote Code Execution Vulnerability CVE-2022-21840 8.8 - High - January 11, 2022

Microsoft Excel Remote Code Execution Vulnerability CVE-2021-43256 7.8 - High - December 15, 2021

Microsoft Excel Remote Code Execution Vulnerability CVE-2021-40442 7.8 - High - November 10, 2021

Microsoft Word Remote Code Execution Vulnerability CVE-2021-40486 7.8 - High - October 13, 2021

Microsoft Excel Remote Code Execution Vulnerability CVE-2021-40485 7.8 - High - October 13, 2021

Microsoft Excel Remote Code Execution Vulnerability CVE-2021-40474 7.8 - High - October 13, 2021

Stay on top of Security Vulnerabilities

Microsoft Vendor

Microsoft Office Online ServerProduct

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel

CVE-2025-30383 7.8 - High - May 13, 2025

Heap-based buffer overflow in Microsoft Office Excel

CVE-2025-30376 7.8 - High - May 13, 2025

Use after free in Microsoft Office

CVE-2025-30377 7.8 - High - May 13, 2025

Release of invalid pointer or reference in Microsoft Office Excel

CVE-2025-30379 7.8 - High - May 13, 2025

Out-of-bounds read in Microsoft Office Excel

CVE-2025-30381 7.8 - High - May 13, 2025

Use after free in Microsoft Office Excel

CVE-2025-29977 7.8 - High - May 13, 2025

Heap-based buffer overflow in Microsoft Office Excel

CVE-2025-29979 7.8 - High - May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel

CVE-2025-30375 7.8 - High - May 13, 2025

Stack-based buffer overflow in Microsoft Office Excel

CVE-2025-24075 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel

CVE-2025-24081 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel

CVE-2025-24082 7.8 - High - March 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21381 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21386 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21390 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21394 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21387 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21354 7.8 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability

CVE-2025-21362 8.4 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability

CVE-2024-49026 7.8 - High - November 12, 2024

Microsoft Excel Elevation of Privilege Vulnerability

CVE-2024-43465 7.8 - High - September 10, 2024

Microsoft Excel Remote Code Execution Vulnerability

CVE-2024-30042 7.8 - High - May 14, 2024

Microsoft Excel Information Disclosure Vulnerability

CVE-2023-36766 5.5 - Medium - September 12, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-36896 7.8 - High - August 08, 2023

Microsoft Office Remote Code Execution Vulnerability

CVE-2023-35371 7.8 - High - August 08, 2023

Microsoft Excel Information Disclosure Vulnerability

CVE-2023-33162 5.5 - Medium - July 11, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-32029 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-33133 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-33137 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-24953 7.8 - High - May 09, 2023

Microsoft Excel Denial of Service Vulnerability

CVE-2023-23396 6.5 - Medium - March 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

CVE-2023-23399 7.8 - High - March 14, 2023

Microsoft Word Remote Code Execution Vulnerability

CVE-2023-21716 9.8 - Critical - February 14, 2023

Microsoft Word Information Disclosure Vulnerability

CVE-2022-41060 5.5 - Medium - November 09, 2022

Microsoft Word Remote Code Execution Vulnerability

CVE-2022-41061 7.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-41063 7.8 - High - November 09, 2022

Microsoft Word Information Disclosure Vulnerability

CVE-2022-41103 5.5 - Medium - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-41106 8.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-33648 7.8 - High - August 09, 2022

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30159 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30171 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30172 5.5 - Medium - June 15, 2022

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-29109 7.8 - High - May 10, 2022

Microsoft Excel Remote Code Execution Vulnerability

CVE-2022-26901 7.8 - High - April 15, 2022

Microsoft Excel Information Disclosure Vulnerability

CVE-2022-22716 5.5 - Medium - February 09, 2022

Microsoft Office Remote Code Execution Vulnerability

CVE-2022-21840 8.8 - High - January 11, 2022

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-43256 7.8 - High - December 15, 2021

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-40442 7.8 - High - November 10, 2021

Microsoft Word Remote Code Execution Vulnerability

CVE-2021-40486 7.8 - High - October 13, 2021

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-40485 7.8 - High - October 13, 2021

Microsoft Excel Remote Code Execution Vulnerability

CVE-2021-40474 7.8 - High - October 13, 2021

Microsoft
Vendor

Microsoft Office Online Server
Product