Jan 282026 Microsoft Office Zero-Day (CVE-2026–21509) — Emergency Patch Issued for Active Exploitation Microsoft released out-of-band patches for an actively exploited Microsoft Office zero-day, CVE-2026–21509, a security feature bypass flaw.
