The U.S. Cybersecurity and Infrastructure Security Agency
(CISA) on Wednesday added two security flaws impacting Microsoft
Office and Hewlett Packard Enterprise (HPE) OneView to its Known
Exploited Vulnerabilities (KEV) catalog, citing evidence of active
exploitation. The vulnerabilities are listed below - CVE-2009-0556
(CVSS score: 8.8) - A code injection vulnerability in Microsoft
Office
Read more https://thehackernews.com/2026/01/cisa-flags-microsoft-office-and-hpe.html
