CVE-2026-44822 – Microsoft 365 Apps for Mac
“Office document risks can quickly become code execution and privilege exposure risks.”
This patch addresses eight vulnerabilities in Microsoft 365 Apps for Mac. The update covers memory handling, race condition, type confusion, out-of-bounds read, heap overflow, numeric truncation, and use-after-free issues. Several of these vulnerabilities may allow remote code execution through crafted content, while others create privilege or stability risks.
CVE-2026-44817 has a CVSS score of 7.8, which is High severity. CVE-2026-44818 has a CVSS score of 7.0, which is High severity. CVE-2026-44819 has a CVSS score of 7.8, which is High severity. CVE-2026-44820 has a CVSS score of 7.8, which is High severity. CVE-2026-44821 has a CVSS score of 5.5, which is Medium severity. CVE-2026-44822 has a CVSS score of 8.2, which is High severity. CVE-2026-44823 has a CVSS score of 7.8, which is High severity. CVE-2026-44824 has a CVSS score of 7.8, which is High severity.
No verified exploitation has been reported.
Key Details
- Affected Product
- Microsoft 365 Apps
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-125