{"id":"CVE-2026-3663","details":"A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compound_document_istreambuf::xsgetn of the file source/detail/cryptography/compound_document.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit has been made public and could be used. The patch is named 147. It is recommended to apply a patch to fix this issue.","modified":"2026-03-15T22:52:35.218185Z","published":"2026-03-07T15:15:56.020Z","references":[{"type":"WEB","url":"https://github.com/xlnt-community/xlnt/"},{"type":"ADVISORY","url":"https://vuldb.com/?id.349552"},{"type":"ADVISORY","url":"https://vuldb.com/?submit.764644"},{"type":"REPORT","url":"https://github.com/xlnt-community/xlnt/issues/139"},{"type":"REPORT","url":"https://github.com/xlnt-community/xlnt/pull/147"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.349552"},{"type":"EVIDENCE","url":"https://github.com/oneafter/0128/blob/main/xl3/repro"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/xlnt-community/xlnt","events":[{"introduced":"0"},{"last_affected":"3b25b084eab473bb6009b8e3d03ba5ff10bb4891"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.6.1"}]}}],"versions":["v0.9.0","v0.9.1","v0.9.2","v1.0.0","v1.1.0","v1.2.0","v1.3.0","v1.4.0","v1.5.0","v1.6.0","v1.6.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3663.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}]}