Quickfire Cyber Bulletin June 5, 2026
← Back

CVE-2026-26110

Low

Description

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

Scores & Signals

CVSS 3.1 8.4 — HIGH
EPSS score 0.0007 (21.4th percentile)
CISA KEV No
Affected Microsoft 365 Apps
Published 2026-03-10

Sources

External references

Risk scores are deterministic, based on public signals only. They are informational context, not a final verdict. Always consult vendor advisories before taking action.