Description
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binary_writer::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. Patch name: 147. It is suggested to install a patch to address this issue.
References (8)
Core 8
Core References
Permissions Required, VDB Entry vdb-entry
technical-description
https://vuldb.com/?id.348530
Permissions Required, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.348530
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.764643
Issue Tracking issue-tracking
https://github.com/xlnt-community/xlnt/issues/138
Issue Tracking issue-tracking
https://github.com/xlnt-community/xlnt/issues/138#issuecomment-3868381672
Third Party Advisory exploit
https://github.com/oneafter/0128/blob/main/xl2/repro
Issue Tracking issue-tracking
patch
https://github.com/xlnt-community/xlnt/pull/147
Various Sources product
https://github.com/xlnt-community/xlnt/
Scores
CVSS v3
3.3
EPSS
0.0019
EPSS Percentile
9.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-119
CWE-122
Status
published
Products (1)
xlnt-community/xlnt
< 1.6.1
Published
Mar 03, 2026
Tracked Since
Mar 03, 2026