Microsoft Word
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Word.
Recent Microsoft Word Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2026-40367 | CVE-2026-40367 Microsoft Word Remote Code Execution Vulnerability | May 12, 2026 |
| CVE-2026-35440 | CVE-2026-35440 Microsoft Word Information Disclosure Vulnerability | May 12, 2026 |
| CVE-2026-40364 | CVE-2026-40364 Microsoft Word Remote Code Execution Vulnerability | May 12, 2026 |
| CVE-2026-40361 | CVE-2026-40361 Microsoft Word Remote Code Execution Vulnerability | May 12, 2026 |
| CVE-2026-40366 | CVE-2026-40366 Microsoft Word Remote Code Execution Vulnerability | May 12, 2026 |
| CVE-2026-40421 | CVE-2026-40421 Microsoft Word Information Disclosure Vulnerability | May 12, 2026 |
| CVE-2026-41101 | CVE-2026-41101 Microsoft Word for Android Spoofing Vulnerability | May 12, 2026 |
| CVE-2026-7921 | Chromium: CVE-2026-7921 Use after free in Passwords | May 7, 2026 |
| CVE-2026-7598 | CVE-2026-7598 libssh2 userauth.c userauth_password integer overflow | May 3, 2026 |
| CVE-2026-41677 | CVE-2026-41677 rust-openssl: Out-of-bounds read in PEM password callback when user callback returns an oversized length | April 26, 2026 |
Known Exploited Microsoft Word Vulnerabilities
The following Microsoft Word vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Microsoft Word Information Disclosure Vulnerability |
Microsoft Word contains an unspecified vulnerability that allows for information disclosure. CVE-2023-36761 Exploit Probability: 5.5% |
September 12, 2023 |
| Microsoft Word Malformed Object Pointer Vulnerability |
Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code. CVE-2006-2492 Exploit Probability: 74.1% |
June 8, 2022 |
| Microsoft Word Remote Code Execution Vulnerability |
Microsoft Word allows attackers to execute remote code or cause a denial-of-service via crafted RTF data. CVE-2012-2539 Exploit Probability: 84.4% |
March 28, 2022 |
| Microsoft Word Memory Corruption Vulnerability |
Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution. CVE-2014-1761 Exploit Probability: 93.3% |
February 15, 2022 |
Of the known exploited vulnerabilities above, 2 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. The vulnerability CVE-2006-2492: Microsoft Word Malformed Object Pointer Vulnerability is in the top 5% of the currently known exploitable vulnerabilities.
By the Year
In 2026 there have been 3 vulnerabilities in Microsoft Word with an average score of 7.3 out of ten. Last year, in 2025 Word had 13 security vulnerabilities published. Right now, Word is on track to have less security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 0.32
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 3 | 7.30 |
| 2025 | 13 | 7.62 |
| 2024 | 5 | 7.14 |
| 2023 | 8 | 7.69 |
| 2022 | 8 | 6.65 |
| 2021 | 8 | 7.51 |
| 2020 | 15 | 7.36 |
| 2019 | 6 | 7.37 |
| 2018 | 27 | 8.13 |
It may take a day or so for new Word vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Word Security Vulnerabilities
May 2026: Microsoft Office Spoofing Vulnerability
CVE-2026-42832
7.7 - High
- May 12, 2026
Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.
Authorization
May 2026: Microsoft Word for Android Spoofing Vulnerability
CVE-2026-41101
7.1 - High
- May 12, 2026
Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally.
Authorization
Mar 2026: M365 Copilot Information Disclosure Vulnerability
CVE-2026-26133
7.1 - High
- March 13, 2026
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Command Injection
Aug 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-53738
7.8 - High
- August 12, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Aug 2025: Microsoft Word Information Disclosure Vulnerability
CVE-2025-53736
6.8 - Medium
- August 12, 2025
Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Buffer Over-read
Aug 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-53733
8.4 - High
- August 12, 2025
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Incorrect Conversion between Numeric Types
Jul 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-49703
7.8 - High
- July 08, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Jul 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-49698
7.8 - High
- July 08, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Jul 2025: Microsoft Office Remote Code Execution Vulnerability
CVE-2025-49699
7 - High
- July 08, 2025
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Dangling pointer
Jul 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-49700
7.8 - High
- July 08, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Jun 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-47169
7.8 - High
- June 10, 2025
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Heap-based Buffer Overflow
Jun 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-47168
7.8 - High
- June 10, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Apr 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-27747
7.8 - High
- April 08, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Untrusted Pointer Dereference
Apr 2025: Microsoft Word Security Feature Bypass Vulnerability
CVE-2025-29816
7.5 - High
- April 08, 2025
Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.
Acceptance of Extraneous Untrusted Data With Trusted Data
Mar 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-24078
7 - High
- March 11, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Mar 2025: Microsoft Word Remote Code Execution Vulnerability
CVE-2025-24079
7.8 - High
- March 11, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Dangling pointer
Microsoft Word Library Injection Vulnerability on macOS
CVE-2024-41165
7.1 - High
- December 18, 2024
A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
Improper Verification of Cryptographic Signature
Microsoft Office RCE Vulnerability CVE-2024-49065
CVE-2024-49065
5.5 - Medium
- December 12, 2024
Microsoft Office Remote Code Execution Vulnerability
Out-of-bounds Read
Microsoft Word Security Feature Bypass Vulnerability
CVE-2024-49033
7.5 - High
- November 12, 2024
Microsoft Word Security Feature Bypass Vulnerability
Improper Input Validation
Microsoft Word RCE via Malformed Document (CVE-2024-21379)
CVE-2024-21379
7.8 - High
- February 13, 2024
Microsoft Word Remote Code Execution Vulnerability
Microsoft Office RCE via Office Component
CVE-2024-20673
7.8 - High
- February 13, 2024
Microsoft Office Remote Code Execution Vulnerability
Microsoft Word Info Disclosure (CVE-2023-36009)
CVE-2023-36009
5.5 - Medium
- December 12, 2023
Microsoft Word Information Disclosure Vulnerability
Sep 2023: Microsoft Word Information Disclosure Vulnerability
CVE-2023-36761
6.5 - Medium
- September 12, 2023
Microsoft Word Information Disclosure Vulnerability
Improper Input Validation
Sep 2023: Microsoft Word Remote Code Execution Vulnerability
CVE-2023-36762
7.3 - High
- September 12, 2023
Microsoft Word Remote Code Execution Vulnerability
Improper Input Validation
Jul 2023: Windows Search Remote Code Execution Vulnerability
CVE-2023-36884
7.5 - High
- July 11, 2023
Windows Search Remote Code Execution Vulnerability
Race Condition
Microsoft Office Security Feature Bypass Vulnerability
CVE-2023-33150
9.6 - Critical
- July 11, 2023
Microsoft Office Security Feature Bypass Vulnerability
Microsoft Word Security Feature Bypass Vulnerability
CVE-2023-29335
7.5 - High
- May 09, 2023
Microsoft Word Security Feature Bypass Vulnerability
Microsoft Word Remote Code Execution (RCE) Vulnerability
CVE-2023-28311
7.8 - High
- April 11, 2023
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word RCE via Vulnerable Component
CVE-2023-21716
9.8 - Critical
- February 14, 2023
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Info Disclosure via Malformed File
CVE-2022-41060
5.5 - Medium
- November 09, 2022
Microsoft Word Information Disclosure Vulnerability
MS Word RCE via Malicious OLE File
CVE-2022-41061
7.8 - High
- November 09, 2022
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Info Disclosure Vulnerability
CVE-2022-41103
5.5 - Medium
- November 09, 2022
Microsoft Word Information Disclosure Vulnerability
Microsoft Word RCE via RTF Untrusted Input
CVE-2022-41031
7.8 - High
- October 11, 2022
Microsoft Word Remote Code Execution Vulnerability
Microsoft Office Security Feature Bypass Vulnerability
CVE-2022-29107
5.5 - Medium
- May 10, 2022
Microsoft Office Security Feature Bypass Vulnerability
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2022-26903
7.8 - High
- April 15, 2022
Windows Graphics Component Remote Code Execution Vulnerability
Microsoft Office Word Tampering Vulnerability
CVE-2022-24511
5.5 - Medium
- March 09, 2022
Microsoft Office Word Tampering Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2022-21842
7.8 - High
- January 11, 2022
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-40486
7.8 - High
- October 13, 2021
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-34452
7.8 - High
- July 16, 2021
Microsoft Word Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
CVE-2021-31177
7.8 - High
- May 11, 2021
Microsoft Office Remote Code Execution Vulnerability
Dangling pointer
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2021-31180
7.8 - High
- May 11, 2021
Microsoft Office Graphics Remote Code Execution Vulnerability
Microsoft Office Information Disclosure Vulnerability
CVE-2021-31178
5.5 - Medium
- May 11, 2021
Microsoft Office Information Disclosure Vulnerability
Integer underflow
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-28453
7.8 - High
- April 13, 2021
Microsoft Word Remote Code Execution Vulnerability
Jan 2021: Microsoft Word Remote Code Execution Vulnerability
CVE-2021-1715
7.8 - High
- January 12, 2021
Microsoft Word Remote Code Execution Vulnerability
Jan 2021: Microsoft Word Remote Code Execution Vulnerability
CVE-2021-1716
7.8 - High
- January 12, 2021
Microsoft Word Remote Code Execution Vulnerability
Nov 2020: Microsoft Word Security Feature Bypass Vulnerability
CVE-2020-17020
3.3 - Low
- November 11, 2020
Microsoft Word Security Feature Bypass Vulnerability
Oct 2020: Microsoft Word Security Feature Bypass Vulnerability
CVE-2020-16933
7 - High
- October 16, 2020
<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.</p> <p>To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Word handles these files.</p>
Sep 2020: Microsoft Word Remote Code Execution Vulnerability
CVE-2020-1218
7.8 - High
- September 11, 2020
<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.</p> <p>To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Word handles files in memory.</p>
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory
CVE-2020-1583
8.8 - High
- August 17, 2020
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created. The update addresses the vulnerability by changing the way certain Word functions handle objects in memory.
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory
CVE-2020-1503
5.5 - Medium
- August 17, 2020
An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created. The update addresses the vulnerability by changing the way certain Word functions handle objects in memory.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Word or by Microsoft? Click the Watch button to subscribe.
