CVE-2026-44803 – Microsoft Excel for Android
“One spreadsheet should never be enough to gain code execution or elevated access.”
This patch addresses three vulnerabilities in Microsoft Excel for Android. The update resolves an improper access control issue as well as two integer overflow vulnerabilities that could expose users to elevated privileges or code execution through specially crafted content.
CVE-2026-45649 has a CVSS score of 7.1, which is High severity. The vulnerability is classified as CWE-284 and may allow Elevation of Privilege.
CVE-2026-44803 has a CVSS score of 7.8, which is High severity. The vulnerability is classified as CWE-190 and may allow Remote Code Execution.
CVE-2026-44812 has a CVSS score of 7.8, which is High severity. The vulnerability is classified as CWE-190 and may allow Remote Code Execution.
No verified exploitation has been reported for these vulnerabilities. Organizations using Microsoft Excel for Android should apply the update to reduce the risk of malicious spreadsheet-based attacks and unauthorized privilege gains.
Key Details
- Affected Product
- Microsoft Excel
- Attack Vector
- Local
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- Required
- CWE Classification
- CWE-190