Microsoft Office Long Term Servicing Channel — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Office Long Term Servicing Channel, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2025-60724 — CVSS 9.8 (critical): Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
CVE-2026-40364 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code…
CVE-2026-26113 — CVSS 8.4 (high): Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47167 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-33115 — CVSS 8.4 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-49696 — CVSS 8.4 (high): Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49697 — CVSS 8.4 (high): Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-33114 — CVSS 8.4 (high): Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-20944 — CVSS 8.4 (high): Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-40366 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code…
CVE-2025-62554 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-26110 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-53733 — CVSS 8.4 (high): Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-40367 — CVSS 8.4 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code…
CVE-2025-59236 — CVSS 8.4 (high): Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-20957 — CVSS 7.8 (high): Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-20956 — CVSS 7.8 (high): Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-20955 — CVSS 7.8 (high): Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-20950 — CVSS 7.8 (high): Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-20949 — CVSS 7.8 (high): Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.
CVE-2024-20677 — CVSS 7.8 (high): A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX…
CVE-2025-27750 — CVSS 7.8 (high): Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-27751 — CVSS 7.8 (high): Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-27752 — CVSS 7.8 (high): Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-29791 — CVSS 7.8 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-62205 — CVSS 7.8 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-29820 — CVSS 7.8 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-29822 — CVSS 7.8 (high): Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-29977 — CVSS 7.8 (high): Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-29978 — CVSS 7.8 (high): Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVE-2025-29979 — CVSS 7.8 (high): Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-30375 — CVSS 7.8 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code…
CVE-2025-30376 — CVSS 7.8 (high): Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-30379 — CVSS 7.8 (high): Release of invalid pointer or reference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-30381 — CVSS 7.8 (high): Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-30383 — CVSS 7.8 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code…
CVE-2025-30388 — CVSS 7.8 (high): Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVE-2025-30393 — CVSS 7.8 (high): Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-32705 — CVSS 7.8 (high): Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
CVE-2025-47165 — CVSS 7.8 (high): Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-47168 — CVSS 7.8 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47169 — CVSS 7.8 (high): Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47170 — CVSS 7.8 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-62203 — CVSS 7.8 (high): Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-47173 — CVSS 7.8 (high): Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47174 — CVSS 7.8 (high): Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-47175 — CVSS 7.8 (high): Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVE-2025-47176 — CVSS 7.8 (high): '.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally.
CVE-2025-47994 — CVSS 7.8 (high): Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally.
CVE-2025-62201 — CVSS 7.8 (high): Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-49698 — CVSS 7.8 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-62200 — CVSS 7.8 (high): Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-49700 — CVSS 7.8 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-49702 — CVSS 7.8 (high): Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49703 — CVSS 7.8 (high): Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-49705 — CVSS 7.8 (high): Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.