Jun 2026: Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44817 Published on June 9, 2026
Microsoft Excel Remote Code Execution Vulnerability
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Weakness Type
What is an Object Type Confusion Vulnerability?
The program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.
CVE-2026-44817 has been classified to as an Object Type Confusion vulnerability or weakness.
Products Associated with CVE-2026-44817
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft 365 Apps for Enterprise:- Version 16.0.1 and below https://aka.ms/OfficeSecurityReleases is affected.
- Version 16.0.0.0 and below 16.0.5556.1001 is affected.
- Version 19.0.0 and below https://aka.ms/OfficeSecurityReleases is affected.
- Version - is affected.
- Version 16.0.1 and below https://aka.ms/OfficeSecurityReleases is affected.
- Version 16.0.0 and below https://aka.ms/OfficeSecurityReleases is affected.
- Version - is affected.
- Version - is affected.
- Version 16.0.0.0 and below 16.0.10417.20137 is affected.