Quickfire Cyber Bulletin June 5, 2026
← Back

CVE-2026-40363

Low

Description

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Scores & Signals

CVSS 3.1 8.4 — HIGH
EPSS score 0.0006 (17.9th percentile)
CISA KEV No
Affected Microsoft 365 Apps
Published 2026-05-12

Sources

External references

Risk scores are deterministic, based on public signals only. They are informational context, not a final verdict. Always consult vendor advisories before taking action.