PatchSiren cyber security CVE debrief
CVE-2026-56192 Microsoft CVE debrief
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-14T18:18:29.447Z and has not been modified since then. The NVD entry is currently Analyzed. This vulnerability, CVE-2026-56192, is an out-of-bounds read in Microsoft Office, allowing an unauthorized attacker to disclose information locally. Users of Microsoft Office, particularly those with access to local, vulnerable installations, should prioritize patching to prevent potential information disclosure. The CVE record and NVD details provide information on the vulnerability. Microsoft has a patch available. Affected products include various versions of Microsoft Office and 365 Apps. The vulnerability has a CVSS score of 5.5 and a severity rating of MEDIUM.
- Vendor
- Microsoft
- Product
- Microsoft 365 Apps for Enterprise
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-14
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-14
- Advisory updated
- 2026-07-16
Who should care
Users of Microsoft Office, particularly those with access to local, vulnerable installations, should prioritize patching to prevent potential information disclosure.
Technical summary
CVE-2026-56192 is an out-of-bounds read vulnerability in Microsoft Office. An unauthorized attacker could exploit this vulnerability locally to disclose information. The vulnerability has a CVSS score of 5.5 and a severity rating of MEDIUM. Users of Microsoft Office, particularly those with access to local, vulnerable installations, should prioritize patching to prevent potential information disclosure. The CVE record and NVD details provide information on the vulnerability. Microsoft has a patch available for affected Office versions. Affected products include various versions of Microsoft Office and 365 Apps.
Defensive priority
Medium priority due to the local exploitation requirement but potential for information disclosure. Users of Microsoft Office, particularly those with access to local, vulnerable installations, should prioritize patching to prevent potential information disclosure. The CVE record and NVD details provide information on the vulnerability. Microsoft has a patch available. Affected products include various versions of Microsoft Office and 365 Apps. The vulnerability has a CVSS score of 5.5 and a severity rating of MEDIUM. The CVE record was published on 2026-07-14T18:18:29.447Z and has not been modified since then. The NVD entry is currently Analyzed. This vulnerability could allow an unauthorized attacker to disclose information locally. An out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. CVE-2026-56192 is an out-of-bounds read vulnerability in Microsoft Office. An unauthorized attacker could exploit this vulnerability locally to disclose information. The vulnerability has a CVSS score of 5.5 and a severity rating of MEDIUM. Users of Microsoft Office, particularly those with access to local, vulnerable installations, should prioritize patching to prevent potential information disclosure. The CVE record and NVD details provide information on the vulnerability. Microsoft has a patch available. Affected products include various versions of Microsoft Office and 365 Apps. The CVE record was published on 2026-07-14T18:18:29.447Z and has not been modified since then. The NVD entry is currently Analyzed. This vulnerability could allow an unauthorized attacker to disclose information locally. An out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. CVE-2026-56192 is an out-of-bounds read vulnerability in Microsoft Office. An unauthorized attacker could exploit this vulnerability locally to disclose information. The vulnerability has a CVSS score of 5.5 and a severity rating of MEDIUM. Users of Microsoft Office, particularly those with access to local, vulnerable installations, should prioritize patching to prevent potential information disclosure. The CVE record and NVD
Recommended defensive actions
- Apply patches from Microsoft for affected Office versions
- Inventory and update vulnerable Office installations
- Monitor for unusual activity indicating potential exploitation attempts
Evidence notes
The CVE record and NVD details provide information on the vulnerability. Microsoft has a patch available. Affected products include various versions of Microsoft Office and 365 Apps. The vulnerability has a CVSS score of 5.5 and a severity rating of MEDIUM. Users of Microsoft Office, particularly those with access to local, vulnerable installations, should prioritize patching to prevent potential information disclosure. The CVE record was published on 2026-07-14T18:18:29.447Z and has not been modified since then.
Official resources
-
CVE-2026-56192 CVE record
CVE.org
-
CVE-2026-56192 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Patch, Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-14T18:18:29.447Z and has not been modified since then.