CVE-2026-26824

libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table MSAT in readMSAT is not fully initialized before being consumed by ole2validatesectorchain, which may result in application crashe...

CVE-2026-26824

libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table MSAT in readMSAT is not fully initialized before being consumed by ole2validatesectorchain, which may result in application crashe...

DEBIAN-CVE-2024-52035

An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

UBUNTU-CVE-2024-52035

An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

PT-2025-23527 · Catdoc +1 · Catdoc +1

Name of the Vulnerable Software and Affected Versions: catdoc version 0.95 Description: An integer overflow issue exists in the OLE Document File Allocation Table Parser functionality. This can be triggered by a specially crafted malformed file, leading to heap-based memory corruption. An attacke...

Denial Of Service (DoS)

github.com/velocidex/velociraptor is vulnerable to Denial of Service DoS attacks. Due of poor validation in the PE and OLE parsers, an attacker is able to cause the application to crash by processing a deliberately malformed file...