CVE-2026-40367
High
Published: 12 May 2026
Published
12 May 2026
Modified
12 May 2026
KEV Added
—
Patch
—
CVSS Score
8.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
N/A
Risk Priority
17
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2026-40367 is a high-severity Untrusted Pointer Dereference (CWE-822) vulnerability. Its CVSS base score is 8.4 (High).
Operationally, it is not currently listed in the CISA KEV catalog.
NVD Description
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Deeper analysisAI
Automated synthesis unavailable for this CVE.
Details
- CWE(s)