CVE-2026-3665 PUBLISHED

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsx_consumer::read_office_document of the file source/detail/serialization/xlsx_consumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. The attack must be carried out locally. The exploit is publicly available and might be used.

• Oneafter (VulDB User) reporter

• VDB-349554 | xlnt-community xlnt XLSX File xlsx_consumer.cpp read_office_document null pointer dereference
• VDB-349554 | CTI Indicators (IOB, IOC, IOA)
• Submit #764647 | xlnt-community xlnt commit bceb706 and before NULL Pointer Dereference
• https://github.com/xlnt-community/xlnt/issues/140
• https://github.com/oneafter/0128/blob/main/xl4/repro
• https://github.com/xlnt-community/xlnt/

• NULL Pointer Dereference CWE
• Denial of Service CWE