Files or directories accessible to external parties in... · CVE-2026-35440 · GitHub Advisory Database · GitHub

Files or directories accessible to external parties in...

Moderate severity Unreviewed Published May 12, 2026 to the GitHub Advisory Database • Updated May 12, 2026

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

References

Published by the National Vulnerability Database

May 12, 2026

Published to the GitHub Advisory Database May 12, 2026

Last updated May 12, 2026

Severity

Moderate

/ 10

CVSS v3 base metrics

Attack vector

Local

Attack complexity

Low

Privileges required

None

User interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N