CVE-2026-3665

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the xsgetn function of the XLSX file parser process. An attacker can cause a denial of service by providing specially crafted input that triggers an out-of-bounds read during file parsing. Remediation A fix was...

CVE-2026-3665

The CVE-2026-3665 entry concerns the xlnt-community xlnt XLSX File Parser (up to version 1.6.1). The affected element is xlnt::detail::xlsx_consumer::read_office_document in source/detail/serialization/xlsx_consumer.cpp, where manipulation leads to a null pointer dereference. Exploitation require...

CVE-2026-3664

A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compounddocument::readdirectory of the file source/detail/cryptography/compounddocument.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to out-of-bounds rea...

CVE-2026-3664 xlnt-community xlnt Encrypted XLSX File compound_document.cpp read_directory out-of-bounds

A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compounddocument::readdirectory of the file source/detail/cryptography/compounddocument.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to out-of-bounds rea...

CVE-2026-3663 xlnt-community xlnt XLSX File compound_document.cpp xsgetn out-of-bounds

A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compounddocumentistreambuf::xsgetn of the file source/detail/cryptography/compounddocument.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. Th...

CVE-2026-3663 xlnt-community xlnt XLSX File compound_document.cpp xsgetn out-of-bounds

A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compounddocumentistreambuf::xsgetn of the file source/detail/cryptography/compounddocument.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. Th...

PT-2026-23864

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsx consumer::read office document of the file source/detail/serialization/xlsx consumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference...

CVE-2026-2703

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decodebase64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to off-by-one. The attack requires local access...

CVE-2026-2703

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decodebase64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to off-by-one. The attack requires local access...