Description Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. Remediation References CVE-2026-40367 Related Vulnerabilities TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5745) Jenkins CVE-2023-43494 Vulnerability (CVE-2023-43494) WordPress CVE-2006-4028 Vulnerability (CVE-2006-4028) WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Request Forgery (5.2.5) Mailman Other Vulnerability (CVE-2005-3573) Severity High Classification CVE-2026-40367 CWE-822 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities