Vulnerability intelligence
CVE-2026-21509
Microsoft Office Security Feature Bypass Vulnerability
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.
CVSS Score
7.8
High
EPSS — Exploit Probability
12%
Riskier than 94% of all CVEs
Exploitation
Confirmed in the wild
Used in ransomware campaigns
Remediation
Patch available
Federal deadline 2026-02-16
CISA required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Deadline for federal agencies: 2026-02-16.
3 articles across 3 outlets · first covered Apr 8, 2026 · latest May 7, 2026
Associated threat actors
Coverage timeline
-
Office and Windows flaws boost exploit kits in Q1 2026securelist.com · May 7, 2026
-
Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tacticssecurityaffairs.com · Apr 8, 2026
-
APT28 Deploys New PRISMEX Malware Against Ukraine and NATO Alliesthehackernews.com · Apr 8, 2026