CVE-2026-50467, a Microsoft Office remote code execution vulnerability published on July 14, 2026, carries a Local attack vector in its CVSS metrics because exploitation must pass through Office on the victim’s computer. The “remote” in Microsoft’s title describes where the attacker can be...