Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Onenote  Security Vulnerabilities
CVE-2026-26133
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVSS Score
7.1
EPSS Score
0.001
Published
2026-03-16
CVE-2025-29822
Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
CVSS Score
7.8
EPSS Score
0.008
Published
2025-04-08
CVE-2025-21402
Microsoft Office OneNote Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.005
Published
2025-01-14
CVE-2024-41159
A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
CVSS Score
7.1
EPSS Score
0.0
Published
2024-12-18
CVE-2023-36769
Microsoft OneNote Spoofing Vulnerability
CVSS Score
4.6
EPSS Score
0.001
Published
2023-11-06
CVE-2023-33140
Microsoft OneNote Spoofing Vulnerability
CVSS Score
6.5
EPSS Score
0.055
Published
2023-06-14
CVE-2023-21721
Microsoft OneNote Elevation of Privilege Vulnerability
CVSS Score
6.5
EPSS Score
0.061
Published
2023-02-14
CVE-2017-8509
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.
CVSS Score
8.8
EPSS Score
0.056
Published
2017-06-15
CVE-2017-0197
Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability."
CVSS Score
7.8
EPSS Score
0.278
Published
2017-04-12
CVE-2016-3315
Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."
CVSS Score
5.5
EPSS Score
0.347
Published
2016-08-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved