CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

230 matches found

SUSE CVE•added 2026/06/05 3:14 a.m.•10 views

SUSE CVE-2026-26824

libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table MSAT in readMSAT is not fully initialized before being consumed by ole2validatesectorchain, which may result in application crashe...

6.5CVSS5.8AI score0.00228EPSS

Exploits1References3

Tenable Nessus•added 2026/06/05 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-26825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggere...

5.3CVSS5.5AI score0.00214EPSS

Exploits1References3

Tenable Nessus•added 2026/06/05 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-26824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation...

6.5CVSS5.5AI score0.00228EPSS

Exploits1References3

RedhatCVE•added 2026/06/04 12:11 a.m.•14 views

CVE-2026-26825

A flaw was found in libxls. This use-of-uninitialized memory vulnerability occurs when the software processes specially crafted XLS files. An attacker could exploit this by providing a malformed XLS file, which may lead to undefined behavior, incorrect parsing logic, or potential information...

5.3CVSS5.6AI score0.00214EPSS

Exploits1References2

RedhatCVE•added 2026/06/04 12:9 a.m.•16 views

CVE-2026-26824

A flaw was found in libxls. This vulnerability, a use of uninitialized memory, occurs in the OLE container parser when processing a specially crafted XLS file. An attacker could exploit this by providing a malicious XLS file, which may lead to application crashes or the potential disclosure of...

6.5CVSS5.6AI score0.00228EPSS

Exploits1References2

Snyk•added 2026/06/03 10:23 p.m.•7 views

Use of Uninitialized Variable

Overview Affected versions of this package are vulnerable to Use of Uninitialized Variable in the readMSAT function. An attacker can cause application crashes or potentially disclose sensitive information by submitting a specially crafted XLS file. Remediation There is no fixed version for libxls...

6.9CVSS5.2AI score0.00228EPSS

Exploits1References2

NVD•added 2026/06/03 8:16 p.m.•11 views

CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.3CVSS0.00214EPSS

Exploits1References1

NVD•added 2026/06/03 8:16 p.m.•8 views

CVE-2026-26824

6.5CVSS0.00228EPSS

Exploits1References1

OSV•added 2026/06/03 8:16 p.m.•6 views

DEBIAN-CVE-2026-26824

6.5CVSS5.4AI score0.00228EPSS

Exploits1References1

OSV•added 2026/06/03 8:16 p.m.•8 views

UBUNTU-CVE-2026-26824

6.5CVSS5.4AI score0.00228EPSS

Exploits1References3

OSV•added 2026/06/03 8:16 p.m.•7 views

UBUNTU-CVE-2026-26825

5.3CVSS5.5AI score0.00214EPSS

Exploits1References3

CVE•added 2026/06/03 12:0 a.m.•18 views

CVE-2026-26824

CVE-2026-26824 affects libxls up to version 1.6.3, where the MSAT (Master Sector Allocation Table) memory allocated during read_MSAT() is not fully initialized before use by ole2_validate_sector_chain() in the OLE container parser. This use-of-uninitialized-memory can cause application crashes or...

6.5CVSS5.8AI score0.00228EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2026/06/03 12:0 a.m.•6 views

CVE-2026-26825

5.5AI score0.00214EPSS

Exploits1References1

CVE•added 2026/06/03 12:0 a.m.•19 views

CVE-2026-26825

Libxls 1.6.3 contains a use-of-uninitialized memory vulnerability when parsing malformed XLS files. The issue is triggered by uninitialized heap memory originating from the OLE layer (ole2_read) and is reachable via xls_parseWorkBook(). MemorySanitizer can detect it; the advisory notes undefined ...

5.3CVSS5.8AI score0.00214EPSS

Exploits1References1Affected Software1

CNNVD•added 2026/06/03 12:0 a.m.•6 views

libxls 安全漏洞

libxls is an open-source C library for reading old binary OLE format Excel files. Version 1.6.3 of libxls contains a security vulnerability. This vulnerability stems from the use of uninitialized memory during the parsing of malformed XLS files, which may lead to undefined behavior, parsing error...

5.3CVSS5.2AI score0.00214EPSS

Exploits1References1

CNNVD•added 2026/06/03 12:0 a.m.•7 views

libxls 安全漏洞

libxls is an open-source C library designed for reading old binary OLE-formatted Excel files. Versions of libxls 1.6.3 and earlier contain security vulnerabilities. These vulnerabilities stem from the use of uninitialized memory within the OLE container resolver, which could lead to application...

6.5CVSS5.3AI score0.00228EPSS

Exploits1References1