CVE-2026-44824 – Microsoft 365 Apps for Mac

CVSS 7.8 IMPORTANT High with EoP or RCE – Expedited Deployment

“Office document risks can quickly become code execution and privilege exposure risks.”

This patch addresses eight vulnerabilities in Microsoft 365 Apps for Mac. The update covers memory handling, race condition, type confusion, out-of-bounds read, heap overflow, numeric truncation, and use-after-free issues. Several of these vulnerabilities may allow remote code execution through crafted content, while others create privilege or stability risks.

CVE-2026-44817 has a CVSS score of 7.8, which is High severity. CVE-2026-44818 has a CVSS score of 7.0, which is High severity. CVE-2026-44819 has a CVSS score of 7.8, which is High severity. CVE-2026-44820 has a CVSS score of 7.8, which is High severity. CVE-2026-44821 has a CVSS score of 5.5, which is Medium severity. CVE-2026-44822 has a CVSS score of 8.2, which is High severity. CVE-2026-44823 has a CVSS score of 7.8, which is High severity. CVE-2026-44824 has a CVSS score of 7.8, which is High severity.

No verified exploitation has been reported.

Key Details

Affected Product
Microsoft 365 Apps
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
CWE Classification
CWE-122
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.