Vulnerability Details CVE-2026-21258
Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.6%
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2026-21258
-
cpe:2.3:a:microsoft:365_apps:-
-
cpe:2.3:a:microsoft:excel:2016
-
cpe:2.3:a:microsoft:office:2019
-
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021
-
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024
-
cpe:2.3:a:microsoft:office_online_server:-
-
cpe:2.3:a:microsoft:office_online_server:1.0
-
cpe:2.3:a:microsoft:office_online_server:16.0.10410.20003
-
cpe:2.3:a:microsoft:office_online_server:16.0.10414.20000
-
cpe:2.3:a:microsoft:office_online_server:16.0.10416.20047
-
cpe:2.3:a:microsoft:office_online_server:16.0.10416.20058
-
cpe:2.3:a:microsoft:office_online_server:16.0.10417.20027
-
cpe:2.3:a:microsoft:office_online_server:16.0.10417.20047
-
cpe:2.3:a:microsoft:office_online_server:16.0.10417.20059
-
cpe:2.3:a:microsoft:office_online_server:16.0.10417.20068