ГлавнаяУязвимости → CVE-2026-40367
8.4высокая

CVE-2026-40367

Описание

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Затрагиваемое ПО
Microsoft 365 appsMicrosoft OfficeMicrosoft Office long term servicing channelMicrosoft Sharepoint serverMicrosoft Word
CVSS
Балл8.4 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40367