CVE-2026-21514

Awaiting Analysis

Published: 10 Feb 2026, 17:51

Last modified:10 Feb 2026, 20:38

Vulnerability Summary

Overall Risk (default)

medium

31/100

CVSS Score

7.8 HIGH

v3.1 (cve.org)

EPSS Score

No data

KEV

Listed

CISA

1 listing

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

10 Feb 2026, 17:51

Published

Vulnerability first disclosed

10 Feb 2026, 00:00

Added to CISA KEV

Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability

10 Feb 2026, 20:38

Last Modified

Vulnerability information updated

03 Mar 2026, 00:00

CISA Remediation Due

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

CVSS Metrics

Weaknesses (CWE)

KEV Details

Affected Systems

References (2)