{"id":"CVE-2026-3664","details":"A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compound_document::read_directory of the file source/detail/cryptography/compound_document.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to out-of-bounds read. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. This patch is called 147. Applying a patch is advised to resolve this issue.","modified":"2026-04-02T13:31:01.336454Z","published":"2026-03-07T15:15:56.240Z","references":[{"type":"WEB","url":"https://github.com/xlnt-community/xlnt/"},{"type":"ADVISORY","url":"https://vuldb.com/?submit.764646"},{"type":"ADVISORY","url":"https://vuldb.com/?id.349553"},{"type":"REPORT","url":"https://github.com/xlnt-community/xlnt/issues/141"},{"type":"REPORT","url":"https://github.com/xlnt-community/xlnt/pull/147"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.349553"},{"type":"EVIDENCE","url":"https://github.com/oneafter/0128/blob/main/xl5/repro"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/xlnt-community/xlnt","events":[{"introduced":"0"},{"last_affected":"3b25b084eab473bb6009b8e3d03ba5ff10bb4891"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.6.1"}]}}],"versions":["v0.9.0","v0.9.1","v0.9.2","v1.0.0","v1.1.0","v1.2.0","v1.3.0","v1.4.0","v1.5.0","v1.6.0","v1.6.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3664.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}