10 matches found
CVE-2026-3664
A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compounddocument::readdirectory of the file source/detail/cryptography/compounddocument.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to out-of-bounds rea...
CVE-2026-3665
A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...
CVE-2026-3663 xlnt-community xlnt XLSX File compound_document.cpp xsgetn out-of-bounds
A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compounddocumentistreambuf::xsgetn of the file source/detail/cryptography/compounddocument.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. Th...
CVE-2026-3663 xlnt-community xlnt XLSX File compound_document.cpp xsgetn out-of-bounds
A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compounddocumentistreambuf::xsgetn of the file source/detail/cryptography/compounddocument.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. Th...
PT-2026-23859
A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compound document istreambuf::xsgetn of the file source/detail/cryptography/compound document.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read...
PT-2026-23860
A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compound document::read directory of the file source/detail/cryptography/compound document.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to out-of-bounds...
PT-2026-23864
A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsx consumer::read office document of the file source/detail/serialization/xlsx consumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference...
PT-2026-22730
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binary writer::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...
CVE-2026-2703 xlnt-community xlnt Encrypted XLSX File base64.cpp decode_base64 off-by-one
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decodebase64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to off-by-one. The attack requires local access...
CVE-2026-2703
CVE-2026-2703 affects the xlnt-community xlnt project up to version 1.6.1. The vulnerability resides in the function xlnt::detail::decode_base64 (source/detail/cryptography/base64.cpp) of the Encrypted XLSX File Parser and is caused by an off-by-one flaw introduced by manipulation. The issue requ...