Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
History

Wed, 15 Jul 2026 03:15:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft office Online Server
Vendors & Products Microsoft office Online Server

Tue, 14 Jul 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 14 Jul 2026 17:15:00 +0000

Type Values Removed Values Added
Description Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Title Microsoft Excel Information Disclosure Vulnerability
First Time appeared Microsoft
Microsoft 365 Apps
Microsoft excel 2016
Microsoft office 2019
Microsoft office 2021
Microsoft office 2024
Microsoft office 365
Microsoft office Macos 2021
Microsoft office Macos 2024
Weaknesses CWE-122
CPEs cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:microsoft:excel_2016:*:*:*:*:*:*:x86:*
cpe:2.3:a:microsoft:office_2019:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_2021:*:*:*:*:long_term_servicing_channel:*:*:*
cpe:2.3:a:microsoft:office_2021:*:*:*:*:ltsc:*:*:*
cpe:2.3:a:microsoft:office_2024:*:*:*:*:long_term_servicing_channel:*:*:*
cpe:2.3:a:microsoft:office_365:*:*:*:*:*:macos:*:*
cpe:2.3:a:microsoft:office_macos_2021:*:*:*:*:*:long_term_servicing_channel:*:*
cpe:2.3:a:microsoft:office_macos_2024:*:*:*:*:*:long_term_servicing_channel:*:*
Vendors & Products Microsoft
Microsoft 365 Apps
Microsoft excel 2016
Microsoft office 2019
Microsoft office 2021
Microsoft office 2024
Microsoft office 365
Microsoft office Macos 2021
Microsoft office Macos 2024
References
Metrics cvssV3_1

{'score': 6.6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C'}


cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-07-14T19:37:17.213Z

Reserved: 2026-06-05T14:35:07.080Z

Link: CVE-2026-50678

cve-icon Vulnrichment

Updated: 2026-07-14T18:08:08.355Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-15T03:00:15Z