CVE-2026-40420

Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.