Home
MEDIUM: 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 16.0.1 (custom) before https://aka.ms/OfficeSecurityReleases
affected
19.0.0 (custom) before https://aka.ms/OfficeSecurityReleases
affected
1.0.0 (custom) before 16.111.26071215
affected
16.0.1 (custom) before https://aka.ms/OfficeSecurityReleases
affected
16.0.0 (custom) before https://aka.ms/OfficeSecurityReleases
affected
16.0.1 (custom) before 16.111.26071215
affected
16.0.0 (custom) before 16.111.26071215
affected
16.0.0 (custom) before 16.0.5561.1001
affected
16.0.0 (custom) before 16.0.10417.20175
affected
16.0.0 (custom) before 16.0.19725.20434
affected
16.0.1 (custom) before 16.0.5561.1000
affected
Description
Improper validation of specified type of input in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Problem types
CWE-1287: Improper Validation of Specified Type of Input
CWE-20: Improper Input Validation
Product status
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55124 (Microsoft Word Information Disclosure Vulnerability)