Vulnerability intelligence

CVE-2009-0238

Microsoft Office Remote Code Execution

Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially crafted Excel file that includes a malformed object.

CVSS Score

8.8

High

EPSS — Exploit Probability

0.0%

Riskier than 0% of all CVEs

Exploitation

Confirmed in the wild

Used in ransomware campaigns

Remediation

Patch available

Federal deadline 2026-04-28

CISA required action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Deadline for federal agencies: 2026-04-28.

NVD entry Vendor patch PoC / advisory CISA KEV

3 articles across 3 outlets · first covered Apr 14, 2026 · latest Apr 15, 2026

Coverage timeline

CISA adds old Excel RCE and SharePoint flaw to KEV list
securityaffairs.com · Apr 15, 2026
CISA Adds CVE-2009-0238 Excel Flaw to KEV Catalog, Urges Patching
www.cisa.gov · Apr 14, 2026
CISA Flags 2009 Excel Flaw CVE‑2009‑0238 as Actively Exploited
cisa.gov · Apr 14, 2026

Related CVEs — Microsoft

CVE-2026-41091KEV CVE-2008-4250KEV CVE-2009-1537KEV CVE-2010-0249KEV CVE-2010-0806KEV CVE-2026-45498KEV CVE-2026-33825KEV CVE-2026-42897KEV