Microsoft Excel Remote Code Execution Vulnerability_CVE-2026-20955

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Basic Information

ID CVE-2026-20955

Source microsoft

Published Jan 13, 2026 at 17:56

Modified Jan 13, 2026 at 18:04

Affected Product

Vendor Microsoft

Product Office Online Server

Version 16.0.0.0

Affected Versions Microsoft Office Online Server 16.0.0.0
Microsoft Microsoft Office 2019 19.0.0
Microsoft Microsoft 365 Apps for Enterprise 16.0.1
Microsoft Microsoft Office LTSC for Mac 2021 16.0.1
Microsoft Microsoft Office LTSC 2021 16.0.1
Microsoft Microsoft Office LTSC 2024 16.0.0
Microsoft Microsoft Office LTSC for Mac 2024 16.0.0

CWE Classification

CWE-822

References

msrc.microsoft.com /update-guide/vulnerability/CVE-2026-20955

{
    "lastseen": "",
    "description": "",
    "published": "2026-01-13T17:56:47.973Z",
    "modified": "2026-01-13T18:04:33.299Z",
    "type": "cve",
    "title": "Microsoft Excel Remote Code Execution Vulnerability",
    "source": "microsoft",
    "references": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20955",
    "id": "CVE-2026-20955",
    "bulletinFamily": "",
    "cwe": [
        "CWE-822"
    ],
    "cvelist": null,
    "sourceData": "Microsoft Office Online Server 16.0.0.0\nMicrosoft Microsoft Office 2019 19.0.0\nMicrosoft Microsoft 365 Apps for Enterprise 16.0.1\nMicrosoft Microsoft Office LTSC for Mac 2021 16.0.1\nMicrosoft Microsoft Office LTSC 2021 16.0.1\nMicrosoft Microsoft Office LTSC 2024 16.0.0\nMicrosoft Microsoft Office LTSC for Mac 2024 16.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Office Online Server",
    "version": "16.0.0.0",
    "vendor": "Microsoft",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Basic Information

Affected Product

CWE Classification

References

💭 Join the Security Discussion ❌ Cancel Reply