Jun 2026: Microsoft Office Information Disclosure Vulnerability
CVE-2026-45460 Published on June 9, 2026

Microsoft Office Information Disclosure Vulnerability
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Vendor Advisory NVD

Weakness Type

Buffer Over-read

The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. This typically occurs when the pointer or its index is incremented to a position beyond the bounds of the buffer or when pointer arithmetic results in a position outside of the valid memory location to name a few. This may result in exposure of sensitive information or possibly a crash.


Products Associated with CVE-2026-45460

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Office
 
Microsoft Office 365
 
Microsoft Office 2019
 
Microsoft 365 Apps
 
Microsoft Office Macos 2021
 
Microsoft Office 2021
 
Microsoft Office 2024
 
Microsoft Office Macos 2024
 

Affected Versions

Microsoft 365 Apps for Enterprise: Microsoft Office 2019: Microsoft Office 365 for Mac: Microsoft Office for Android: Microsoft Office LTSC 2021: Microsoft Office LTSC 2024: Microsoft Office LTSC for Mac 2021: Microsoft Office LTSC for Mac 2024: