CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-21514

Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.067

EPSS Ranking 91.0%

CVSS Severity

CVSS v3 Score 7.8

Proposed Action

Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

Ransomware Campaign

Unknown

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21514
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21514

Products affected by CVE-2026-21514

Microsoft » 365 Apps » Version: N/A

cpe:2.3:a:microsoft:365_apps:-
Microsoft » Office Long Term Servicing Channel » Version: 2021

cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021
Microsoft » Office Long Term Servicing Channel » Version: 2024

cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-21514

Products

Pricing

Contact Us