CVE-2026-33114
Untrusted Pointer Dereference in Microsoft Word Enables Local Code Execution
Publication date: 2026-04-14
Last updated on: 2026-04-29
Assigner: Microsoft Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| microsoft | 365_apps | * |
| microsoft | 365_apps | * |
| microsoft | office_long_term_servicing_channel | 2021 |
| microsoft | office_long_term_servicing_channel | 2024 |
| microsoft | office_long_term_servicing_channel | 2021 |
| microsoft | office_long_term_servicing_channel | 2021 |
| microsoft | office_long_term_servicing_channel | 2024 |
| microsoft | office_long_term_servicing_channel | 2024 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-822 | The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
This vulnerability is an untrusted pointer dereference in Microsoft Office Word that allows an unauthorized attacker to execute code locally on the affected system.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability can execute arbitrary code on your system without your permission, potentially leading to full compromise of confidentiality, integrity, and availability of your data and system.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, it is important to apply the latest security updates provided by Microsoft for Office Word as soon as they become available.
Additionally, avoid opening untrusted or suspicious Word documents to reduce the risk of exploitation.