CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-40366

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.1%

CVSS Severity

CVSS v3 Score 8.4

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40366

Products affected by CVE-2026-40366

Microsoft » 365 Apps » Version: N/A

cpe:2.3:a:microsoft:365_apps:-
Microsoft » Office » Version: 2019

cpe:2.3:a:microsoft:office:2019
Microsoft » Office Long Term Servicing Channel » Version: 2021

cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021
Microsoft » Office Long Term Servicing Channel » Version: 2024

cpe:2.3:a:microsoft:office_long_term_servicing_channel:2024
Microsoft » Word » Version: 2016

cpe:2.3:a:microsoft:word:2016

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved