VDB

CVE-2026-45466

CVE-2026-45466 PUBLISHED CVSS 3.3 LOW

Reported by microsoft · Published June 9, 2026

Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

Risk Scores

CVSS 3.1
3.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

Affected Products

VendorProductVersions
MicrosoftMicrosoft 365 Apps for Enterprise16.0.1
MicrosoftMicrosoft Office 365 for Mac1.0.0
MicrosoftMicrosoft Office LTSC 202116.0.1
MicrosoftMicrosoft Office LTSC 202416.0.0
MicrosoftMicrosoft Office LTSC for Mac 202116.0.1
MicrosoftMicrosoft Office LTSC for Mac 202416.0.0
MicrosoftMicrosoft Office LTSC 202116.0.1, 16.0.1, 16.0.1
MicrosoftMicrosoft 365 Apps for Enterprise16.0.1, 16.0.1, 16.0.1
microsoftoffice_macos_202116.0.1, 16.0.1, 16.0.1
microsoftoffice_macos_202416.0.0, -, -
microsoftoffice_3651.0.0, 1.0.0, 1.0.0
MicrosoftMicrosoft Office 365 for Mac1.0.0, -, -
MicrosoftMicrosoft Office LTSC for Mac 2021-, -, -
microsoft365_apps16.0.1, 16.0.1, 16.0.1
MicrosoftMicrosoft Office LTSC 202416.0.0, 16.0.0, 16.0.0
microsoftoffice_202416.0.0, 16.0.0, 16.0.0
microsoftoffice_202116.0.1, 16.0.1, 16.0.1
MicrosoftMicrosoft Office LTSC for Mac 202416.0.0, -, -

Timeline

  • Jun 9, 2026 CVE Published
  • Jun 10, 2026 Coalition ESS Score
  • Jun 10, 2026 Security Advisory
  • Jun 12, 2026 Security Advisory
  • Jun 19, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›