CVE-2026-50301 is a Microsoft Office heap-based buffer overflow that can let an attacker run code on a victim’s PC, but its CVSS vector is Local, not Network. The apparent contradiction comes from two different uses of “remote”: Microsoft’s vulnerability title describes the attacker-controlled...