Volerion logoVolerion
Volerion logoVolerion

Microsoft Excel Information Disclosure Vulnerability

Vulnerability

A vulnerability in Microsoft Office Excel allows unauthorized attackers to locally disclose sensitive information. This issue affects multiple versions of Excel, including Excel 2016 (both 32-bit and 64-bit editions), Microsoft 365 Apps for Enterprise (32-bit and 64-bit), Office 2019 (32-bit and 64-bit), Office LTSC 2024 (32-bit and 64-bit), and Office LTSC 2021 (32-bit and 64-bit). The vulnerability arises from the improper handling of certain data, which could allow an attacker to read small portions of heap memory.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information, specifically small portions of heap memory.

Remediation

Users can download the security update for this vulnerability through the Microsoft Update Catalog. For Microsoft 365 Apps for Enterprise, the update is available via the Click-to-Run service.

Added: Nov 11, 2025, 7:38 PM
Updated: Nov 11, 2025, 7:38 PM

Vulnerability Rating

Custom Algorithm
spread
8.4
impact
2.5
exploitability
4.4
remediation
7.7
relevance
1.0
threat
0.0
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.