CVE-2026-21514KEV

Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.

Description

Vendor	Product	Versions
microsoft	365_apps	—

Tier B

JPCERT/CC

→ No new info (linked only)

CVSS 3.17.8 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA KEV✅ Yes

Actively exploited✅ Yes

CWECWE-807

Published2/10/2026

Last enriched12h ago

Trending Score86

Source articles1

Independent1

Info Completeness9/14

Missing: versions, epss, patch, iocs, mitre_attack

0 upvotes0 downvotes

No votes yet

State: verified

Confidence: 100%