{"id":"CVE-2026-3665","details":"A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsx_consumer::read_office_document of the file source/detail/serialization/xlsx_consumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. The attack must be carried out locally. The exploit is publicly available and might be used.","modified":"2026-03-14T02:00:24.278478Z","published":"2026-03-07T16:15:56.583Z","references":[{"type":"WEB","url":"https://github.com/xlnt-community/xlnt/"},{"type":"ADVISORY","url":"https://vuldb.com/?id.349554"},{"type":"ADVISORY","url":"https://vuldb.com/?submit.764647"},{"type":"REPORT","url":"https://github.com/xlnt-community/xlnt/issues/140"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.349554"},{"type":"EVIDENCE","url":"https://github.com/oneafter/0128/blob/main/xl4/repro"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/xlnt-community/xlnt","events":[{"introduced":"0"},{"last_affected":"3b25b084eab473bb6009b8e3d03ba5ff10bb4891"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.6.1"}]}}],"versions":["v0.9.0","v0.9.1","v0.9.2","v1.0.0","v1.1.0","v1.2.0","v1.3.0","v1.4.0","v1.5.0","v1.6.0","v1.6.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-3665.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}