Home / Vulnerability Intelligence / CVE-2026-26113

CVE-2026-26113 - Vulnerability Analysis

HighCVSS: 8.4

Last Updated: March 11, 2026

Microsoft Office - Use After Free

Published: March 10, 2026Updated: March 11, 2026

Overview

Microsoft Office contains a use after free vulnerability caused by untrusted pointer dereference, letting unauthorized attackers execute code locally, exploit requires local access.

Severity & Score

Severity: High

CVSS Score: 8.4

EPSS Score: 4.4%(Probability of exploitation in next 30 days)

Impact

Unauthorized attackers can execute code locally, potentially leading to full system compromise.

Mitigation

Update to the latest version of Microsoft Office.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26113

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 10, 2026

🟠 CVE-2026-26113 - High (8.4) Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26113/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-26113
Severity: High
CVSS Score: 8.4
Type: use_after_free
Status: unconfirmed
EPSS: 4.4%
Social Posts: 1

CWE

CWE-822

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.4%Probability of exploitation in the next 30 days