CVE Tools

CVE-2026-55018

Microsoft Office Remote Code Execution Vulnerability

Published: Jul 14, 2026Updated: Jul 16, 2026 Sources: CVE List NVDCWE-416

Description

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

In plain language

AI Act now

This is a Microsoft Office bug that could let someone run malicious code on your computer if you open a specially made Office file; if you handle emails or downloads, you should update promptly.

Executive summary

A use-after-free in Microsoft Office can lead to local arbitrary code execution when a user opens a crafted malicious Office document; it requires no login, but does require user interaction (opening the file).

If affected, business impact
Malware runs as your userData theft from Office filesRansomware or full compromise riskWork disruption from device takeover

What to do now

  1. Check which Microsoft Office product and version your devices run (Windows: Microsoft 365 Apps/Microsoft Office; macOS: Microsoft Office 365 for Mac, Microsoft Office LTSC for Mac 2021, Microsoft Office LTSC for Mac 2024).
  2. If you have Microsoft Office (Windows), update to version 16.0.5561.1000 or later.
  3. If you have Microsoft 365 Apps (Windows), update using Microsoft’s Office security releases guidance at https://aka.ms/OfficeSecurityReleases until your build is on the fixed line.
  4. If you use Microsoft Office 365 for Mac or either LTSC for Mac (2021/2024), update all affected Macs to 16.111.26071215.
  5. After updating, be extra cautious with email attachments and downloaded Office documents until users confirm they’re on the fixed versions.
Usually a quick update

CVSS Vector Breakdown

AV:LAC:LPR:NUI:RS:UC:HI:HA:H
Exploitability
AV:LAttack Vector
Local
AC:LAttack Complexity
Low
PR:NPrivileges Required
None
UI:RUser Interaction
Required
Scope
S:UScope
Unchanged
Impact
C:HConfidentiality
High
I:HIntegrity
High
A:HAvailability
High

Weaknesses

Affected Products

and 6 more affected products View all →

Exploitability

Official Patch Available

Attack Graph

Products CVE Techniques Tactics

Click technique nodes for MITRE ATT&CK details · drag to pan · Ctrl/ + scroll to zoom, or go fullscreen.

MITRE ATT&CK

2 techniques
Initial Access
Privilege Escalation
View detailed technique mapping

References

4

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2026-55018 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows