VDB
GCVE-110-NCSC-2025-189
GCVE-110-NCSC-2025-189
Advisory PublishedCVSS 8.4/10
Microsoft heeft kwetsbaarheden verholpen in Office producten.
Weaknesses (CWE)
CWE-416Use After FreeCWE-122Heap-based Buffer OverflowCWE-641Improper Restriction of Names for Files and Other ResourcesCWE-843Access of Resource Using Incompatible Type ('Type Confusion')CWE-20Improper Input ValidationCWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')CWE-502Deserialization of Untrusted DataCWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Risk Scores
CVSS 3.1
8.4/10
High · CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Microsoft | vers:microsoft/2016 | — | — |
| Microsoft | vers:unknown/16.0.0|<16.0.5504.1001 | — | — |
| Microsoft | vers:unknown/19.0.0|<https://aka.ms/officesecurityreleases | — | — |
| Microsoft | vers:unknown/16.0.0|<16.0.10417.20018 | — | — |
| Microsoft | vers:microsoft/unknown | — | — |
| Microsoft | vers:unknown/1.0.0|<16.0.10417.20018 | — | — |
| Microsoft | vers:unknown/16.0.0|<16.0.18526.20396 | — | — |
| Microsoft | vers:microsoft/2021 | — | — |
| Microsoft | vers:unknown/16.0.1|<16.0.5504.1000 | — | — |
| Microsoft | vers:unknown/1.0.0|<https://aka.ms/officesecurityreleases | — | — |
| Microsoft | vers:unknown/1.0.0|<16.98.25060824 | — | — |
| Microsoft | vers:unknown/<4.79 | — | — |
| Microsoft | vers:unknown/16.0.0|<16.0.5504.1000 | — | — |
| Microsoft | vers:unknown/n/a | — | — |
| Microsoft | vers:unknown/16.0.1|<16.98.25060824 | — | — |
| Microsoft | vers:unknown/16.0.1|<16.0.18925.20000 | — | — |
| Microsoft | vers:unknown/16.0.1|<https://aka.ms/officesecurityreleases | — | — |
| Microsoft | vers:unknown/16.0.0.0|<16.0.5504.1000 | — | — |
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.