Microsoft Office Word allows unauthorized code execution

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Microsoft Office Word allows unauthorized code execution

CVE-2026-23657

Summary

An attacker can run unauthorized code on your computer if they know how to exploit a weakness in Microsoft Office Word. This could lead to data theft or system damage. Update your Office software to the latest version to fix this vulnerability.

Original title

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Original description

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-416 Use After Free

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23657

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026