cve-2026-45649

CVE-2026-45649 is an Important-rated spoofing vulnerability in Microsoft Office for Android, affecting Word, PowerPoint, and Excel. It stems from improper access control and requires a user to open a malicious Office file locally on an Android device. Microsoft assessed exploitation as unlikely and not publicly known or active at disclosure on June 9, 2026. However, the vulnerability highlights that mobile Office apps are part of the enterprise document attack surface. Updates were not immediately available at publication, making patch management a key concern for IT administrators. This tag covers discussions about the vulnerability, its impact on Android Office users, and guidance for securing mobile devices against such spoofing risks.