CVE-2026-56156 is a Microsoft Excel heap-based buffer overflow that can lead to remote code execution and information disclosure. Microsoft rates it CVSS v3.1 base 7.8 and temporal 6.8, with attack vector LOCAL, attack complexity LOW, privileges required NONE, and user interaction REQUIRED. The attack is described as local in CVSS terms, but Microsoft says the malicious content is delivered through an Office file that the user must open; the Preview Pane is not an attack vector. Microsoft reports no public disclosure and no known exploitation, with exploit code maturity UNPROVEN. Enterprise risk is mainly tied to user-driven execution of malicious Excel content rather than direct network exposure. Highlights: - CVSS scores: Base 7.8 - Temporal 6.8 - Exploit status & code maturity: Publicly Disclosed: No; Exploited: No; Exploit Code Maturity: UNPROVEN. - Impact: Remote Code Execution and Information Disclosure with HIGH confidentiality, integrity, and availability impacts. - Exploitation likelihood: Exploitation Less Likely; the vector is LOCAL with LOW attack complexity, NO privileges required, and USER INTERACTION REQUIRED. - Severity for enterprise: High severity, but real-world risk is lower than network-based unauthenticated issues because exploitation depends on a user opening a malicious Office file on the local machine. - Patch status: available; customer action required. Affected systems: - No products listed in the source data.