Out-of-Bounds Read in Encrypted XLSX File Parser of xlnt by xlnt-community
CVE-2026-3664

4.8MEDIUM

Key Information:

Vendor

Xlnt-community

Status
Xlnt
Vendor
CVE Published:
7 March 2026

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2026-3664?

A vulnerability exists in the Encrypted XLSX File Parser of the xlnt product by xlnt-community, specifically in the xlnt::detail::compound_document::read_directory function, found in the file source/detail/cryptography/compound_document.cpp. This issue allows for an out-of-bounds read, which can be exploited through local execution. The vulnerability has been publicly disclosed and a patch (identified as 147) has been released to address the issue. Users are strongly advised to apply the patch to safeguard against potential exploitation.

Affected Version(s)

xlnt 1.6.0

xlnt 1.6.1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-3664 - Proof of Concept

References

https://vuldb.com/?id.349553
vdb-entrytechnical-description
https://vuldb.com/?ctiid.349553
signaturepermissions-required
https://vuldb.com/?submit.764646
third-party-advisory

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Oneafter (VulDB User)
.