CVE-2026-21509

HighKnown Exploited

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature…

secure@microsoft.com·CWE-807·Published 2026-01-26

CVSS

7.8

EPSS

0.72

KEV

Yes

Exploits

cve.orgen

141 chars

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.

NVDen

141 chars

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.

Dependencia de entradas no confiables en una decisión de seguridad en Microsoft Office permite a un atacante no autorizado eludir una característica de seguridad localmente.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.8	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
3.1	Secondary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H