Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally.
CVE ID: CVE-2025-49756
CVSS Base Severity: LOW
CVSS Base Score: 3.3
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C
Vendor: Microsoft
Product: Microsoft 365 Apps for Enterprise
EPSS Score: 0.02% (probability of being exploited)
EPSS Percentile: 4.34% (scored less or equal to compared to others)
EPSS Date: 2025-07-10 (when was this score calculated)