Vulnerability Details CVE-2026-21259
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.0%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2026-21259
-
cpe:2.3:a:microsoft:365_apps:-
-
cpe:2.3:a:microsoft:excel:2016
-
cpe:2.3:a:microsoft:office:2019
-
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021
-
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024
-
cpe:2.3:a:microsoft:office_online_server:-
-
cpe:2.3:a:microsoft:office_online_server:1.0
-
cpe:2.3:a:microsoft:office_online_server:16.0.10410.20003
-
cpe:2.3:a:microsoft:office_online_server:16.0.10414.20000
-
cpe:2.3:a:microsoft:office_online_server:16.0.10416.20047
-
cpe:2.3:a:microsoft:office_online_server:16.0.10416.20058
-
cpe:2.3:a:microsoft:office_online_server:16.0.10417.20027
-
cpe:2.3:a:microsoft:office_online_server:16.0.10417.20047
-
cpe:2.3:a:microsoft:office_online_server:16.0.10417.20059
-
cpe:2.3:a:microsoft:office_online_server:16.0.10417.20068