Threat Intelligence / CVE / CVE-2026-32190

CVE-2026-32190

CVSS 8.4 (HIGH) · EPSS 0.1% · Published 2026-04-14

A heap-based buffer overflow vulnerability exists in Microsoft Word that allows remote code execution via the Preview Pane. Opening or previewing a specially crafted .docx file triggers heap corruption, enabling an attacker to execute arbitrary code in the context of the current user. The attack vector through the Preview Pane means exploitation can occur without the user explicitly opening the document, significantly increasing the risk surface. This vulnerability was patched as part of the Microsoft April 2026 Patch Tuesday release addressing 167 vulnerabilities.

CVSS v3 vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-122

Threats tracking this CVE

Microsoft April 2026 Patch Tuesday — 167 Flaws, 2 Zero-Days (SharePoint Spoofing CVE-2026-32201 + Defender EoP CVE-2026-33825) — CRITICAL

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32190

Full detection coverage & IOCs for threats exploiting CVE-2026-32190 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence