High severity7.8NVD Advisory· Published May 12, 2022· Updated Jun 17, 2026
CVE-2021-40399
CVE-2021-40399
Description
An exploitable use-after-free vulnerability exists in WPS Spreadsheets ( ET ) as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: = 11.2.0.10351
= 11.2.0.10351+ 1 more
- (no CPE)range: = 11.2.0.10351
- (no CPE)range: 11.2.0.10351
Patches
Vulnerability mechanics
References
2- security.wps.cn/notices/28nvdThird Party Advisory
- talosintelligence.com/vulnerability_reports/TALOS-2021-1412nvdThird Party Advisory
News mentions
0No linked articles in our index yet.