CVE-2023-36563
Microsoft WordPad Information Disclosure Vulnerability
CVSS
—
No CVSS
EPSS
20.7%
p97
KEV
YES
Oct 10, 2023
Exploit Today
79
0-100
Published: — · Last modified: —
20.7%EPSS · 30 days20.7%
2026-06-302026-07-16
Product
Microsoft / WordPad
Vulnerability
Microsoft WordPad Information Disclosure Vulnerability
Added to KEV
Oct 10, 2023
Remediate by
Oct 31, 2023
Known ransomware use
No
Summary description
Microsoft WordPad contains an unspecified vulnerability that allows for information disclosure.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36563; https://nvd.nist.gov/vuln/detail/CVE-2023-36563
No related CVEs by CWE or product.