CVE-2026-26824 in libxls信息

摘要

由 MITRE • 2026-06-03

libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before being consumed by ole2_validate_sector_chain(), which may result in application crashes or potential information disclosure when processing a crafted XLS file

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

负责

MITRE

预定

2026-02-16

披露

2026-06-03

管理

已接受

条目

VDB-368222

CPE

准备好

CWE

CWE-824 (已确认)

CVSS

5.5 (VulDB)

EPSS

0.00000

KEV

否

活动

低

来源

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-26824
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-26824
CVE Details	https://www.cvedetails.com/cve/CVE-2026-26824/

◂ 上一步一览下一步 ▸

Might our Artificial Intelligence support you?

Check our Alexa App!