PT-2026-22730 · Xlnt Community · Xlnt

Oneafter

·

Publicado

2026-03-03

·

Atualizado

2026-03-10

·

CVE-2026-3463

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions xlnt-community xlnt versions up to 1.6.1
Description A flaw exists in xlnt-community xlnt up to version 1.6.1 related to the xlnt::detail::binary writer::append function within the source/detail/binary.hpp file of the Compound Document Parser component. This issue results in a heap-based buffer overflow. The exploitation of this issue is limited to local execution. The exploit code has been publicly released.
Recommendations Install patch 147 to address this issue.

Exploit

Correção

Buffer Overflow

Heap Based Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-122

Identificadores relacionados

CVE-2026-3463

Produtos afetados

Xlnt