CVE-2025-27751

HIGH

Microsoft 365 Apps and Excel - Use-After-Free

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-27751. PoCs published by nu11secur1ty.

AI-analyzed exploit summary: The provided code is a placeholder VBA macro with no functional exploit details. It directs users to external links for purchasing an exploit and lacks technical depth about the vulnerability.

Description

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Exploits (1)

exploitdb SUSPICIOUS
by nu11secur1ty · text · local · windows
https://www.exploit-db.com/exploits/52332

Classification: Suspicious 90%
Attack Type: Other
Complexity: Theoretical
Reliability: Theoretical
Target: Microsoft Excel 2016, MS Office Online Server KB5002699
No auth needed
Prerequisites: User interaction to open a malicious DOCX file
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 7.8
EPSS 0.0139
EPSS Percentile 80.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE: CWE-416
Status published
Products (6)
microsoft/365_apps
microsoft/excel 2016
microsoft/office 2019
microsoft/office_long_term_servicing_channel 2021 (2 CPE variants)
microsoft/office_long_term_servicing_channel 2024 (2 CPE variants)
microsoft/office_online_server
Published Apr 08, 2025
Tracked Since Feb 18, 2026