CVEDB API

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.4%

CVSS Severity

CVSS v3 Score 8.4

References

Products affected by CVE-2026-26110

Microsoft » 365 Apps » Version: N/A

cpe:2.3:a:microsoft:365_apps:-
Microsoft » Office » Version: N/A

cpe:2.3:a:microsoft:office:-
Microsoft » Office » Version: 16.0.16026.20172

cpe:2.3:a:microsoft:office:16.0.16026.20172
Microsoft » Office » Version: 16.0.16130.20156

cpe:2.3:a:microsoft:office:16.0.16130.20156
Microsoft » Office » Version: 16.0.16827.20138

cpe:2.3:a:microsoft:office:16.0.16827.20138
Microsoft » Office » Version: 16.0.19127.20000

cpe:2.3:a:microsoft:office:16.0.19127.20000
Microsoft » Office » Version: 16.0.19220.20000

cpe:2.3:a:microsoft:office:16.0.19220.20000
Microsoft » Office » Version: 16.0.19328.20000

cpe:2.3:a:microsoft:office:16.0.19328.20000
Microsoft » Office » Version: 2016

cpe:2.3:a:microsoft:office:2016
Microsoft » Office » Version: 2019

cpe:2.3:a:microsoft:office:2019
Microsoft » Office Long Term Servicing Channel » Version: 2021

cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021
Microsoft » Office Long Term Servicing Channel » Version: 2024

cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024