Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Project Subscriptions
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 14 Jul 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |
| Title | Microsoft Excel Remote Code Execution Vulnerability | |
| First Time appeared |
Microsoft
Microsoft 365 Apps Microsoft excel 2016 Microsoft office 2019 Microsoft office 2021 Microsoft office 2024 Microsoft office 365 Microsoft office Macos 2021 Microsoft office Macos 2024 |
|
| Weaknesses | CWE-843 | |
| CPEs | cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:* cpe:2.3:a:microsoft:excel_2016:*:*:*:*:*:*:x86:* cpe:2.3:a:microsoft:office_2019:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:office_2021:*:*:*:*:long_term_servicing_channel:*:*:* cpe:2.3:a:microsoft:office_2021:*:*:*:*:ltsc:*:*:* cpe:2.3:a:microsoft:office_2024:*:*:*:*:long_term_servicing_channel:*:*:* cpe:2.3:a:microsoft:office_365:*:*:*:*:*:macos:*:* cpe:2.3:a:microsoft:office_macos_2021:*:*:*:*:*:long_term_servicing_channel:*:* cpe:2.3:a:microsoft:office_macos_2024:*:*:*:*:*:long_term_servicing_channel:*:* |
|
| Vendors & Products |
Microsoft
Microsoft 365 Apps Microsoft excel 2016 Microsoft office 2019 Microsoft office 2021 Microsoft office 2024 Microsoft office 365 Microsoft office Macos 2021 Microsoft office Macos 2024 |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2026-07-14T19:40:45.147Z
Reserved: 2026-06-16T14:12:44.285Z
Link: CVE-2026-55025
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses