Home

Description

Stack-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

PUBLISHED Reserved 2026-06-16 | Published 2026-07-14 | Updated 2026-07-14 | Assigner microsoft




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-121: Stack-based Buffer Overflow

Product status

16.0.1 (custom) before https://aka.ms/OfficeSecurityReleases
affected

19.0.0 (custom) before https://aka.ms/OfficeSecurityReleases
affected

1.0.0 (custom) before 16.111.26071215
affected

16.0.1 (custom) before https://aka.ms/OfficeSecurityReleases
affected

16.0.0 (custom) before https://aka.ms/OfficeSecurityReleases
affected

16.0.1 (custom) before 16.111.26071215
affected

16.0.0 (custom) before 16.111.26071215
affected

16.0.0 (custom) before 16.0.5561.1001
affected

16.0.0 (custom) before 16.0.10417.20175
affected

16.0.0 (custom) before 16.0.19725.20434
affected

16.0.1 (custom) before 16.0.5561.1000
affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55134 (Microsoft Word Remote Code Execution Vulnerability) vendor-advisory patch

cve.org (CVE-2026-55134)

nvd.nist.gov (CVE-2026-55134)

Download JSON