Microsoft Office Online Server

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Office Online Server.

Recent Microsoft Office Online Server Security Advisories

Advisory	Title	Published
CVE-2021-34451	Microsoft Office Online Server Spoofing Vulnerability	July 13, 2021

By the Year

In 2026 there have been 0 vulnerabilities in Microsoft Office Online Server. Last year, in 2025 Office Online Server had 30 security vulnerabilities published. Right now, Office Online Server is on track to have less security vulnerabilities in 2026 than it did last year.

Year	Vulnerabilities	Average Score
2026	0	0.00
2025	30	7.76
2024	3	7.80
2023	11	7.65
2022	13	6.89
2021	30	7.41
2020	29	7.31
2019	10	7.29
2018	6	6.82

It may take a day or so for new Office Online Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Office Online Server Security Vulnerabilities

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53735 7.8 - High - August 12, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53737 7.8 - High - August 12, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53739 7.8 - High - August 12, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Object Type Confusion

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53741 7.8 - High - August 12, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53759 7.8 - High - August 12, 2025

Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Use of Uninitialized Resource

Excel OOB Read Allows Local Info Disclosure
CVE-2025-48812 5.5 - Medium - July 08, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Out-of-bounds Read

Microsoft Office local code exec via Heap-based buffer overflow
CVE-2025-49697 8.4 - High - July 08, 2025

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Useafterfree in MS Excel permits local code execution
CVE-2025-49711 7.8 - High - July 08, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Use-after-free in Microsoft Office Excel Enables Local Code Exec
CVE-2025-47165 7.8 - High - June 10, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Microsoft Excel Type Confusion Local Code Exec
CVE-2025-30383 7.8 - High - May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Object Type Confusion

Excel Heap Overflow Allows Local Code Exec
CVE-2025-30376 7.8 - High - May 13, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Memory Corruption

Use-Aft-Free in Microsoft Office Enables Local Code Exec
CVE-2025-30377 7.8 - High - May 13, 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Dangling pointer

Microsoft Office Excel Invalid Pointer Release Enables Local Code Exec
CVE-2025-30379 7.8 - High - May 13, 2025

Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Release of Invalid Pointer or Reference

Out-of-bounds read in Microsoft Office Excel: Local code exec
CVE-2025-30381 7.8 - High - May 13, 2025

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Out-of-bounds Read

UAF in MS Office Excel enables local code exec
CVE-2025-29977 7.8 - High - May 13, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Heap overflow in Excel (Office) allows local code execution
CVE-2025-29979 7.8 - High - May 13, 2025

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Memory Corruption

Microsoft Excel Type Confusion Enables Local Code Execution
CVE-2025-30375 7.8 - High - May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Object Type Confusion

UAF in MS Office Enables Local Code Execution
CVE-2025-27746 7.8 - High - April 08, 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Dangling pointer

Microsoft Excel UAF Allows Local Code Exec
CVE-2025-27751 7.8 - High - April 08, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Out-of-bounds Read in Microsoft Office Enabling Local Code Exec
CVE-2025-26642 7.8 - High - April 08, 2025

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

Out-of-bounds Read

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24075 7.8 - High - March 11, 2025

Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Stack Overflow

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24081 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24082 7.8 - High - March 11, 2025

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Dangling pointer

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21381 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Untrusted Pointer Dereference

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21386 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21390 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21394 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21387 7.8 - High - February 11, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Microsoft Excel RCE Vulnerability CVE-2025-21354
CVE-2025-21354 7.8 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability

Untrusted Pointer Dereference

Microsoft Excel RCE via Malformed XLSX
CVE-2025-21362 8.4 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability

Dangling pointer

Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49026 7.8 - High - November 12, 2024

Microsoft Excel Remote Code Execution Vulnerability

Command Injection

Microsoft Excel Elevation of Privilege Vulnerability CVE-2024-43465
CVE-2024-43465 7.8 - High - September 10, 2024

Microsoft Excel Elevation of Privilege Vulnerability

Dangling pointer

Microsoft Excel RCE Vulnerability
CVE-2024-30042 7.8 - High - May 14, 2024

Microsoft Excel Remote Code Execution Vulnerability

Sep 2023: Microsoft Excel Information Disclosure Vulnerability
CVE-2023-36766 7.8 - High - September 12, 2023

Microsoft Excel Information Disclosure Vulnerability

Out-of-bounds Read

Microsoft Excel RCE via Cell Formatting Exploit
CVE-2023-36896 7.8 - High - August 08, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Office RCE Vulnerability CVE-2023-35371
CVE-2023-35371 7.8 - High - August 08, 2023

Microsoft Office Remote Code Execution Vulnerability

Excel Info Disclosure via CSV Import (CVE-2023-33162)
CVE-2023-33162 5.5 - Medium - July 11, 2023

Microsoft Excel Information Disclosure Vulnerability

Jun 2023: Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-32029 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Out-of-bounds Read

Jun 2023: Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33133 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Microsoft Excel RCE via Formula Parsing (CVE-2023-33137)
CVE-2023-33137 7.8 - High - June 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel RCE Vulnerability CVE-2023-24953
CVE-2023-24953 7.8 - High - May 09, 2023

Microsoft Excel Remote Code Execution Vulnerability

MS Excel DoS via Malformed Input
CVE-2023-23396 6.5 - Medium - March 14, 2023

Microsoft Excel Denial of Service Vulnerability

Resource Exhaustion

Microsoft Excel RCE via CVE-2023-23399
CVE-2023-23399 7.8 - High - March 14, 2023

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Word RCE via Vulnerable Component
CVE-2023-21716 9.8 - Critical - February 14, 2023

Microsoft Word Remote Code Execution Vulnerability

Microsoft Excel RCE CVE-2022-41063
CVE-2022-41063 7.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-41106 8.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Word Info Disclosure Vulnerability
CVE-2022-41103 5.5 - Medium - November 09, 2022

Microsoft Word Information Disclosure Vulnerability

MS Word RCE via Malicious OLE File
CVE-2022-41061 7.8 - High - November 09, 2022

Microsoft Word Remote Code Execution Vulnerability

Microsoft Word Info Disclosure via Malformed File
CVE-2022-41060 5.5 - Medium - November 09, 2022

Microsoft Word Information Disclosure Vulnerability

Microsoft Excel RCE CVE-2022-33648
CVE-2022-33648 7.8 - High - August 09, 2022

Microsoft Excel Remote Code Execution Vulnerability

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Office Online Server or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Office Online Server
Product

Microsoft Office Online Server

Don't miss out!

Recent Microsoft Office Online Server Security Advisories

By the Year

Recent Microsoft Office Online Server Security Vulnerabilities

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-53735 7.8 - High - August 12, 2025

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-53737 7.8 - High - August 12, 2025

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-53739 7.8 - High - August 12, 2025

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-53741 7.8 - High - August 12, 2025

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-53759 7.8 - High - August 12, 2025

Excel OOB Read Allows Local Info Disclosure CVE-2025-48812 5.5 - Medium - July 08, 2025

Microsoft Office local code exec via Heap-based buffer overflow CVE-2025-49697 8.4 - High - July 08, 2025

Useafterfree in MS Excel permits local code execution CVE-2025-49711 7.8 - High - July 08, 2025

Use-after-free in Microsoft Office Excel Enables Local Code Exec CVE-2025-47165 7.8 - High - June 10, 2025

Microsoft Excel Type Confusion Local Code Exec CVE-2025-30383 7.8 - High - May 13, 2025

Excel Heap Overflow Allows Local Code Exec CVE-2025-30376 7.8 - High - May 13, 2025

Use-Aft-Free in Microsoft Office Enables Local Code Exec CVE-2025-30377 7.8 - High - May 13, 2025

Microsoft Office Excel Invalid Pointer Release Enables Local Code Exec CVE-2025-30379 7.8 - High - May 13, 2025

Out-of-bounds read in Microsoft Office Excel: Local code exec CVE-2025-30381 7.8 - High - May 13, 2025

UAF in MS Office Excel enables local code exec CVE-2025-29977 7.8 - High - May 13, 2025

Heap overflow in Excel (Office) allows local code execution CVE-2025-29979 7.8 - High - May 13, 2025

Microsoft Excel Type Confusion Enables Local Code Execution CVE-2025-30375 7.8 - High - May 13, 2025

UAF in MS Office Enables Local Code Execution CVE-2025-27746 7.8 - High - April 08, 2025

Microsoft Excel UAF Allows Local Code Exec CVE-2025-27751 7.8 - High - April 08, 2025

Out-of-bounds Read in Microsoft Office Enabling Local Code Exec CVE-2025-26642 7.8 - High - April 08, 2025

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-24075 7.8 - High - March 11, 2025

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-24081 7.8 - High - March 11, 2025

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-24082 7.8 - High - March 11, 2025

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21381 7.8 - High - February 11, 2025

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21386 7.8 - High - February 11, 2025

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21390 7.8 - High - February 11, 2025

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21394 7.8 - High - February 11, 2025

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability CVE-2025-21387 7.8 - High - February 11, 2025

Microsoft Excel RCE Vulnerability CVE-2025-21354 CVE-2025-21354 7.8 - High - January 14, 2025

Microsoft Excel RCE via Malformed XLSX CVE-2025-21362 8.4 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability CVE-2024-49026 7.8 - High - November 12, 2024

Microsoft Excel Elevation of Privilege Vulnerability CVE-2024-43465 CVE-2024-43465 7.8 - High - September 10, 2024

Microsoft Excel RCE Vulnerability CVE-2024-30042 7.8 - High - May 14, 2024

Sep 2023: Microsoft Excel Information Disclosure Vulnerability CVE-2023-36766 7.8 - High - September 12, 2023

Microsoft Excel RCE via Cell Formatting Exploit CVE-2023-36896 7.8 - High - August 08, 2023

Microsoft Office RCE Vulnerability CVE-2023-35371 CVE-2023-35371 7.8 - High - August 08, 2023

Excel Info Disclosure via CSV Import (CVE-2023-33162) CVE-2023-33162 5.5 - Medium - July 11, 2023

Jun 2023: Microsoft Excel Remote Code Execution Vulnerability CVE-2023-32029 7.8 - High - June 14, 2023

Jun 2023: Microsoft Excel Remote Code Execution Vulnerability CVE-2023-33133 7.8 - High - June 14, 2023

Microsoft Excel RCE via Formula Parsing (CVE-2023-33137) CVE-2023-33137 7.8 - High - June 14, 2023

Microsoft Excel RCE Vulnerability CVE-2023-24953 CVE-2023-24953 7.8 - High - May 09, 2023

MS Excel DoS via Malformed Input CVE-2023-23396 6.5 - Medium - March 14, 2023

Microsoft Excel RCE via CVE-2023-23399 CVE-2023-23399 7.8 - High - March 14, 2023

Microsoft Word RCE via Vulnerable Component CVE-2023-21716 9.8 - Critical - February 14, 2023

Microsoft Excel RCE CVE-2022-41063 CVE-2022-41063 7.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability CVE-2022-41106 8.8 - High - November 09, 2022

Microsoft Word Info Disclosure Vulnerability CVE-2022-41103 5.5 - Medium - November 09, 2022

MS Word RCE via Malicious OLE File CVE-2022-41061 7.8 - High - November 09, 2022

Microsoft Word Info Disclosure via Malformed File CVE-2022-41060 5.5 - Medium - November 09, 2022

Microsoft Excel RCE CVE-2022-33648 CVE-2022-33648 7.8 - High - August 09, 2022

Stay on top of Security Vulnerabilities

Microsoft Vendor

Microsoft Office Online ServerProduct

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53735 7.8 - High - August 12, 2025

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53737 7.8 - High - August 12, 2025

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53739 7.8 - High - August 12, 2025

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53741 7.8 - High - August 12, 2025

Aug 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53759 7.8 - High - August 12, 2025

Excel OOB Read Allows Local Info Disclosure
CVE-2025-48812 5.5 - Medium - July 08, 2025

Microsoft Office local code exec via Heap-based buffer overflow
CVE-2025-49697 8.4 - High - July 08, 2025

Useafterfree in MS Excel permits local code execution
CVE-2025-49711 7.8 - High - July 08, 2025

Use-after-free in Microsoft Office Excel Enables Local Code Exec
CVE-2025-47165 7.8 - High - June 10, 2025

Microsoft Excel Type Confusion Local Code Exec
CVE-2025-30383 7.8 - High - May 13, 2025

Excel Heap Overflow Allows Local Code Exec
CVE-2025-30376 7.8 - High - May 13, 2025

Use-Aft-Free in Microsoft Office Enables Local Code Exec
CVE-2025-30377 7.8 - High - May 13, 2025

Microsoft Office Excel Invalid Pointer Release Enables Local Code Exec
CVE-2025-30379 7.8 - High - May 13, 2025

Out-of-bounds read in Microsoft Office Excel: Local code exec
CVE-2025-30381 7.8 - High - May 13, 2025

UAF in MS Office Excel enables local code exec
CVE-2025-29977 7.8 - High - May 13, 2025

Heap overflow in Excel (Office) allows local code execution
CVE-2025-29979 7.8 - High - May 13, 2025

Microsoft Excel Type Confusion Enables Local Code Execution
CVE-2025-30375 7.8 - High - May 13, 2025

UAF in MS Office Enables Local Code Execution
CVE-2025-27746 7.8 - High - April 08, 2025

Microsoft Excel UAF Allows Local Code Exec
CVE-2025-27751 7.8 - High - April 08, 2025

Out-of-bounds Read in Microsoft Office Enabling Local Code Exec
CVE-2025-26642 7.8 - High - April 08, 2025

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24075 7.8 - High - March 11, 2025

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24081 7.8 - High - March 11, 2025

Mar 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-24082 7.8 - High - March 11, 2025

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21381 7.8 - High - February 11, 2025

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21386 7.8 - High - February 11, 2025

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21390 7.8 - High - February 11, 2025

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21394 7.8 - High - February 11, 2025

Feb 2025: Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-21387 7.8 - High - February 11, 2025

Microsoft Excel RCE Vulnerability CVE-2025-21354
CVE-2025-21354 7.8 - High - January 14, 2025

Microsoft Excel RCE via Malformed XLSX
CVE-2025-21362 8.4 - High - January 14, 2025

Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49026 7.8 - High - November 12, 2024

Microsoft Excel Elevation of Privilege Vulnerability CVE-2024-43465
CVE-2024-43465 7.8 - High - September 10, 2024

Microsoft Excel RCE Vulnerability
CVE-2024-30042 7.8 - High - May 14, 2024

Sep 2023: Microsoft Excel Information Disclosure Vulnerability
CVE-2023-36766 7.8 - High - September 12, 2023

Microsoft Excel RCE via Cell Formatting Exploit
CVE-2023-36896 7.8 - High - August 08, 2023

Microsoft Office RCE Vulnerability CVE-2023-35371
CVE-2023-35371 7.8 - High - August 08, 2023

Excel Info Disclosure via CSV Import (CVE-2023-33162)
CVE-2023-33162 5.5 - Medium - July 11, 2023

Jun 2023: Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-32029 7.8 - High - June 14, 2023

Jun 2023: Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33133 7.8 - High - June 14, 2023

Microsoft Excel RCE via Formula Parsing (CVE-2023-33137)
CVE-2023-33137 7.8 - High - June 14, 2023

Microsoft Excel RCE Vulnerability CVE-2023-24953
CVE-2023-24953 7.8 - High - May 09, 2023

MS Excel DoS via Malformed Input
CVE-2023-23396 6.5 - Medium - March 14, 2023

Microsoft Excel RCE via CVE-2023-23399
CVE-2023-23399 7.8 - High - March 14, 2023

Microsoft Word RCE via Vulnerable Component
CVE-2023-21716 9.8 - Critical - February 14, 2023

Microsoft Excel RCE CVE-2022-41063
CVE-2022-41063 7.8 - High - November 09, 2022

Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-41106 8.8 - High - November 09, 2022

Microsoft Word Info Disclosure Vulnerability
CVE-2022-41103 5.5 - Medium - November 09, 2022

MS Word RCE via Malicious OLE File
CVE-2022-41061 7.8 - High - November 09, 2022

Microsoft Word Info Disclosure via Malformed File
CVE-2022-41060 5.5 - Medium - November 09, 2022

Microsoft Excel RCE CVE-2022-33648
CVE-2022-33648 7.8 - High - August 09, 2022

Microsoft
Vendor

Microsoft Office Online Server
Product