Jun 2026: Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-45458 Published on June 9, 2026
Microsoft Outlook and Word Remote Code Execution Vulnerability
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
Weakness Type
What is a Dangling pointer Vulnerability?
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CVE-2026-45458 has been classified to as a Dangling pointer vulnerability or weakness.
Products Associated with CVE-2026-45458
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft 365 Apps for Enterprise:- Version 16.0.1 and below https://aka.ms/OfficeSecurityReleases is affected.
- Version 19.0.0 and below https://aka.ms/OfficeSecurityReleases is affected.
- Version - is affected.
- Version 16.0.1 and below https://aka.ms/OfficeSecurityReleases is affected.
- Version 16.0.0 and below https://aka.ms/OfficeSecurityReleases is affected.
- Version - is affected.
- Version - is affected.
- Version 16.0.0 and below 16.0.5556.1005 is affected.
- Version 16.0.0 and below 16.0.10417.20153 is affected.
- Version 16.0.0 and below 16.0.19725.20384 is affected.
- Version 16.0.1 and below 16.0.5556.1000 is affected.