M365 Change Tracker

← All changes · security · CVE-2026-40362

CVE-2026-40362ImportantMonitor

Microsoft Excel Remote Code Execution Vulnerability

Severity Important  ·  Urgency Monitor

Why it matters: Important severity (CVSS 7.8)

Remote Code Execution · Important · CVSS 7.8. Affects: Office Online Server, Microsoft Office, Microsoft 365 Apps, Microsoft Office LTSC for Mac, Microsoft Office LTSC, Microsoft Excel.

CVSS 7.8EPSS 0.3%Update published 2026-06-23Source updated 2026-06-23KB5002871NVD

Affected: Office Online Server, Microsoft Office, Microsoft 365 Apps, Microsoft Office LTSC for Mac, Microsoft Office LTSC, Microsoft Excel

Change history

2026-06-23 · First seen

View at Microsoft →