CVE-2026-44812 – Microsoft Excel for Android

CVSS 7.8 IMPORTANT High with EoP or RCE – Expedited Deployment

“One spreadsheet should never be enough to gain code execution or elevated access.”

This patch addresses three vulnerabilities in Microsoft Excel for Android. The update resolves an improper access control issue as well as two integer overflow vulnerabilities that could expose users to elevated privileges or code execution through specially crafted content.

CVE-2026-45649 has a CVSS score of 7.1, which is High severity. The vulnerability is classified as CWE-284 and may allow Elevation of Privilege.

CVE-2026-44803 has a CVSS score of 7.8, which is High severity. The vulnerability is classified as CWE-190 and may allow Remote Code Execution.

CVE-2026-44812 has a CVSS score of 7.8, which is High severity. The vulnerability is classified as CWE-190 and may allow Remote Code Execution.

No verified exploitation has been reported for these vulnerabilities. Organizations using Microsoft Excel for Android should apply the update to reduce the risk of malicious spreadsheet-based attacks and unauthorized privilege gains.

Key Details

Affected Product
Microsoft Excel
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
CWE Classification
CWE-190
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.