CVE-2026-48580
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVSS
5.5
Medium
EPSS
0.4%
p36
KEV
—
Exploit Today
11
0-100
Published: Jul 14, 2026 · Last modified: Jul 15, 2026 · CWE-822
0.4%EPSS · 30 days0.5%
2026-07-152026-07-16
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-504247.5 HIG53.5%
——16Untrusted pointer dereference in Windows Domain Controller allows an unauthorized attacker to deny service over a network.2dCVE-2026-585968.3 HIG36.4%
——11Untrusted pointer dereference in Microsoft Edge (Chromium-based) allows an unauthorized attacker to elevate privileges over a network.3dCVE-2026-456457.8 HIG29.4%
——9Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.8dCVE-2026-551385.5 MED26.7%
——8Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.2dCVE-2026-504797.8 HIG23.9%
——7Untrusted pointer dereference in Windows USB Hub Driver allows an authorized attacker to elevate privileges locally.3hCVE-2026-551367.8 HIG22.2%
——7Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.2d