Microsoft Word
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Word.
Recent Microsoft Word Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2025-69873 | CVE-2025-69873 ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which | February 27, 2026 |
| CVE-2026-21514 | CVE-2026-21514 Microsoft Word Security Feature Bypass Vulnerability | February 10, 2026 |
| CVE-2026-21521 | CVE-2026-21521 Word Copilot Information Disclosure Vulnerability | January 22, 2026 |
| CVE-2026-20948 | CVE-2026-20948 Microsoft Word Remote Code Execution Vulnerability | January 13, 2026 |
| CVE-2026-20944 | CVE-2026-20944 Microsoft Word Remote Code Execution Vulnerability | January 13, 2026 |
| CVE-2007-2768 | CVE-2007-2768 OpenSSH when using OPIE (One-Time Passwords in Everything) for PAM allows remote attackers to determine the existence of certain user accounts which displays a different response if the user account exists and is configured to use one-t | January 1, 2026 |
| CVE-2024-26836 | CVE-2024-26836 platform/x86: think-lmi: Fix password opcode ordering for workstations | January 1, 2026 |
| CVE-2021-20270 | CVE-2021-20270 An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file as demonstrated by input that only contains the "exception" keyword. | January 1, 2026 |
| CVE-2024-3096 | CVE-2024-3096 PHP function password_verify can erroneously return true when argument contains NUL | January 1, 2026 |
| CVE-2021-43666 | CVE-2021-43666 A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0. | January 1, 2026 |
Known Exploited Microsoft Word Vulnerabilities
The following Microsoft Word vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Microsoft Word Information Disclosure Vulnerability |
Microsoft Word contains an unspecified vulnerability that allows for information disclosure. CVE-2023-36761 Exploit Probability: 7.3% |
September 12, 2023 |
| Microsoft Word Malformed Object Pointer Vulnerability |
Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code. CVE-2006-2492 Exploit Probability: 83.2% |
June 8, 2022 |
| Microsoft Word Remote Code Execution Vulnerability |
Microsoft Word allows attackers to execute remote code or cause a denial-of-service via crafted RTF data. CVE-2012-2539 Exploit Probability: 84.4% |
March 28, 2022 |
| Microsoft Word Memory Corruption Vulnerability |
Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution. CVE-2014-1761 Exploit Probability: 93.1% |
February 15, 2022 |
Of the known exploited vulnerabilities above, 3 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings.
By the Year
In 2026 there have been 0 vulnerabilities in Microsoft Word. Last year, in 2025 Word had 13 security vulnerabilities published. Right now, Word is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 13 | 7.62 |
| 2024 | 5 | 7.14 |
| 2023 | 8 | 7.69 |
| 2022 | 8 | 6.65 |
| 2021 | 8 | 7.51 |
| 2020 | 15 | 7.36 |
| 2019 | 6 | 7.37 |
| 2018 | 27 | 8.13 |
It may take a day or so for new Word vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Word Security Vulnerabilities
Aug 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-53733
8.4 - High
- August 12, 2025
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Incorrect Conversion between Numeric Types
Aug 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-53738
7.8 - High
- August 12, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Aug 2025: Microsoft Word Information Disclosure Vulnerability
CVE-2025-53736
6.8 - Medium
- August 12, 2025
Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Buffer Over-read
Jul 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-49703
7.8 - High
- July 08, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Jul 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-49698
7.8 - High
- July 08, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Jul 2025: Microsoft Office Remote Code Execution Vulnerability
CVE-2025-49699
7 - High
- July 08, 2025
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Dangling pointer
Jul 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-49700
7.8 - High
- July 08, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Jun 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-47168
7.8 - High
- June 10, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Jun 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-47169
7.8 - High
- June 10, 2025
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Heap-based Buffer Overflow
Apr 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-27747
7.8 - High
- April 08, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Untrusted Pointer Dereference
Apr 2025: Microsoft Word Security Feature Bypass Vulnerability
CVE-2025-29816
7.5 - High
- April 08, 2025
Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
Acceptance of Extraneous Untrusted Data With Trusted Data
Mar 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-24079
7.8 - High
- March 11, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Mar 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-24078
7 - High
- March 11, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Microsoft Word Library Injection Vulnerability on macOS
CVE-2024-41165
7.1 - High
- December 18, 2024
A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
Improper Verification of Cryptographic Signature
Microsoft Office RCE Vulnerability CVE-2024-49065
CVE-2024-49065
5.5 - Medium
- December 12, 2024
Microsoft Office Remote Code Execution Vulnerability
Out-of-bounds Read
Microsoft Word Security Feature Bypass Vulnerability
CVE-2024-49033
7.5 - High
- November 12, 2024
Microsoft Word Security Feature Bypass Vulnerability
Improper Input Validation
Microsoft Word RCE via Malformed Document (CVE-2024-21379)
CVE-2024-21379
7.8 - High
- February 13, 2024
Microsoft Word Remote Code Execution Vulnerability
Microsoft Office RCE via Office Component
CVE-2024-20673
7.8 - High
- February 13, 2024
Microsoft Office Remote Code Execution Vulnerability
Microsoft Word Info Disclosure (CVE-2023-36009)
CVE-2023-36009
5.5 - Medium
- December 12, 2023
Microsoft Word Information Disclosure Vulnerability
Sep 2023: Microsoft Word Information Disclosure Vulnerability
CVE-2023-36761
6.5 - Medium
- September 12, 2023
Microsoft Word Information Disclosure Vulnerability
Improper Input Validation
Sep 2023: Microsoft Word Remote Code Execution Vulnerability
CVE-2023-36762
7.3 - High
- September 12, 2023
Microsoft Word Remote Code Execution Vulnerability
Improper Input Validation
Jul 2023: Windows Search Remote Code Execution Vulnerability
CVE-2023-36884
7.5 - High
- July 11, 2023
Windows Search Remote Code Execution Vulnerability
Race Condition
Microsoft Office Security Feature Bypass Vulnerability
CVE-2023-33150
9.6 - Critical
- July 11, 2023
Microsoft Office Security Feature Bypass Vulnerability
Microsoft Word Security Feature Bypass Vulnerability
CVE-2023-29335
7.5 - High
- May 09, 2023
Microsoft Word Security Feature Bypass Vulnerability
Microsoft Word Remote Code Execution (RCE) Vulnerability
CVE-2023-28311
7.8 - High
- April 11, 2023
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word RCE via Vulnerable Component
CVE-2023-21716
9.8 - Critical
- February 14, 2023
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Info Disclosure via Malformed File
CVE-2022-41060
5.5 - Medium
- November 09, 2022
Microsoft Word Information Disclosure Vulnerability
MS Word RCE via Malicious OLE File
CVE-2022-41061
7.8 - High
- November 09, 2022
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Info Disclosure Vulnerability
CVE-2022-41103
5.5 - Medium
- November 09, 2022
Microsoft Word Information Disclosure Vulnerability
Microsoft Word RCE via RTF Untrusted Input
CVE-2022-41031
7.8 - High
- October 11, 2022
Microsoft Word Remote Code Execution Vulnerability
Microsoft Office Security Feature Bypass Vulnerability
CVE-2022-29107
5.5 - Medium
- May 10, 2022
Microsoft Office Security Feature Bypass Vulnerability
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2022-26903
7.8 - High
- April 15, 2022
Windows Graphics Component Remote Code Execution Vulnerability
Microsoft Office Word Tampering Vulnerability
CVE-2022-24511
5.5 - Medium
- March 09, 2022
Microsoft Office Word Tampering Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2022-21842
7.8 - High
- January 11, 2022
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-40486
7.8 - High
- October 13, 2021
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-34452
7.8 - High
- July 16, 2021
Microsoft Word Remote Code Execution Vulnerability
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2021-31180
7.8 - High
- May 11, 2021
Microsoft Office Graphics Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
CVE-2021-31177
7.8 - High
- May 11, 2021
Microsoft Office Remote Code Execution Vulnerability
Dangling pointer
Microsoft Office Information Disclosure Vulnerability
CVE-2021-31178
5.5 - Medium
- May 11, 2021
Microsoft Office Information Disclosure Vulnerability
Integer underflow
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-28453
7.8 - High
- April 13, 2021
Microsoft Word Remote Code Execution Vulnerability
Jan 2021: Microsoft Word Remote Code Execution Vulnerability
CVE-2021-1715
7.8 - High
- January 12, 2021
Microsoft Word Remote Code Execution Vulnerability
Jan 2021: Microsoft Word Remote Code Execution Vulnerability
CVE-2021-1716
7.8 - High
- January 12, 2021
Microsoft Word Remote Code Execution Vulnerability
Nov 2020: Microsoft Word Security Feature Bypass Vulnerability
CVE-2020-17020
3.3 - Low
- November 11, 2020
Microsoft Word Security Feature Bypass Vulnerability
Oct 2020: Microsoft Word Security Feature Bypass Vulnerability
CVE-2020-16933
7 - High
- October 16, 2020
<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.</p> <p>To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Word handles these files.</p>
Sep 2020: Microsoft Word Remote Code Execution Vulnerability
CVE-2020-1218
7.8 - High
- September 11, 2020
<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.</p> <p>To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Word handles files in memory.</p>
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory
CVE-2020-1503
5.5 - Medium
- August 17, 2020
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created. The update addresses the vulnerability by changing the way certain Word functions handle objects in memory.
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory
CVE-2020-1583
8.8 - High
- August 17, 2020
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created. The update addresses the vulnerability by changing the way certain Word functions handle objects in memory.
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory
CVE-2020-1448
8.8 - High
- July 14, 2020
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447.
Buffer Overflow
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory
CVE-2020-1447
8.8 - High
- July 14, 2020
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448.
Buffer Overflow
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory
CVE-2020-1446
8.8 - High
- July 14, 2020
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448.
Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Word or by Microsoft? Click the Watch button to subscribe.
