Improper validation of specified type of input in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Metrics
Affected Vendors & Products
References
History
Thu, 16 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 14 Jul 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper validation of specified type of input in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | |
| Title | Microsoft Word Information Disclosure Vulnerability | |
| First Time appeared |
Microsoft
Microsoft 365 Apps Microsoft office 2019 Microsoft office 2021 Microsoft office 2024 Microsoft office 365 Microsoft office Macos 2021 Microsoft office Macos 2024 Microsoft sharepoint Server Microsoft sharepoint Server 2016 Microsoft sharepoint Server 2019 Microsoft word 2016 |
|
| Weaknesses | CWE-1287 CWE-20 |
|
| CPEs | cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:* cpe:2.3:a:microsoft:office_2019:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:office_2021:*:*:*:*:long_term_servicing_channel:*:*:* cpe:2.3:a:microsoft:office_2024:*:*:*:*:long_term_servicing_channel:*:*:* cpe:2.3:a:microsoft:office_365:*:*:*:*:*:macos:*:* cpe:2.3:a:microsoft:office_macos_2021:*:*:*:*:*:long_term_servicing_channel:*:* cpe:2.3:a:microsoft:office_macos_2024:*:*:*:*:*:long_term_servicing_channel:*:* cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:* cpe:2.3:a:microsoft:sharepoint_server_2016:*:*:*:*:enterprise:*:*:* cpe:2.3:a:microsoft:sharepoint_server_2019:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:word_2016:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Microsoft
Microsoft 365 Apps Microsoft office 2019 Microsoft office 2021 Microsoft office 2024 Microsoft office 365 Microsoft office Macos 2021 Microsoft office Macos 2024 Microsoft sharepoint Server Microsoft sharepoint Server 2016 Microsoft sharepoint Server 2019 Microsoft word 2016 |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: microsoft
Published: 2026-07-14T17:08:47.741Z
Updated: 2026-07-17T21:32:37.922Z
Reserved: 2026-06-16T15:03:49.680Z
Link: CVE-2026-55124
Updated: 2026-07-14T19:07:58.292Z
No data.
No data.