CVE-2026-32189
Published: 14 April 2026
Summary
CVE-2026-32189 is a high-severity Use After Free (CWE-416) vulnerability. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks in the 21.2 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2026-32189 is a use-after-free vulnerability (CWE-416) affecting Microsoft Office Excel. Published on 2026-04-14T18:17:24.950, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The flaw enables an unauthorized attacker to execute code locally through malformed Excel files or related interactions within the Excel component.
An attacker with local access to the target system can exploit this vulnerability with low attack complexity and no required privileges, though user interaction is necessary, such as opening a malicious Excel document. Successful exploitation leads to arbitrary code execution in the context of the user, with high impact on the confidentiality, integrity, and availability of the affected system.
The Microsoft Security Response Center provides an update guide for mitigation at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32189, which details patching instructions and recommended actions for affected Microsoft Office Excel installations.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-22569
Vulnerability details
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The use-after-free in Excel enables RCE when a malformed document is opened (client-side vulnerability exploitation combined with user execution of a malicious file).
Mitigating Controls (NIST 800-53 r5)
SI-2 requires timely identification, reporting, and correction of flaws like this use-after-free vulnerability through patching Microsoft Office Excel.
SI-16 implements memory protections such as ASLR and DEP that mitigate use-after-free exploits by preventing unauthorized code execution.
SI-3 deploys malicious code protection mechanisms to scan and block malformed Excel files before they can trigger the use-after-free vulnerability.