Zero Day MonitorZDM

← Back to list

EST

PRE-CVEEXPLOITED

microsoft · microsoft office and related products

Multiple Vulnerabilities in Microsoft Office Products Allow Code Execution, Spoofing, Data Manipulation, and Information Disclosure

72% confidence

Description

Multiple vulnerabilities exist in Microsoft Excel, Microsoft PowerPoint, Microsoft Office, Microsoft Office Online Server, Microsoft SharePoint, Microsoft SharePoint Server 2019, and Microsoft 365 Apps that allow an attacker to execute arbitrary code, perform spoofing attacks, manipulate data, and disclose confidential information. [Auto-archived: reprocess_no_remaining_articles — 2026-04-16T12:11:35.631Z]

Affected Products

Vendor	Product	Versions
microsoft	microsoft office and related products	—

CISA KEV❌ No

Actively exploited✅ Yes

PublishedApr 15, 2026

Last enriched4d agov2

Tags

code executionspoofinginformation disclosuredata manipulationmultiple vulnerabilitiesdenial of servicesecurity bypass

Trending Score0

Source articles0

Independent0

Info Completeness5/14

Missing: cve_id, versions, cvss, epss, cwe, kev, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-33825EXPKEV

Microsoft Defender Elevation of Privilege Vulnerability

MEDIUMCVE-2026-32201EXPKEV

Microsoft SharePoint Server Spoofing Vulnerability

HIGHCVE-2026-21262EXPKEV

SQL Server Elevation of Privilege Vulnerability

CRITICALCVE-2026-33824EXP

Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability

HIGHCVE-2026-32071EXP

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Pin to Dashboard

Verification

State: archived

Confidence: 72%

Vulnerability Timeline

CVE Published

Apr 15, 2026

Actively Exploited

Apr 15, 2026

Exploit Available

Apr 15, 2026

Discovered by ZDM

Apr 15, 2026

Updated: exploitAvailable, activelyExploited, tags

Apr 15, 2026

Version History

v2

Last enriched 4d ago

v2Tier B4d ago

Updated product list to include Microsoft Visual Studio and related products, and marked exploit availability and active exploitation status as true.

exploitAvailableactivelyExploitedtags

via BSI Advisories

v14d ago

Initial creation