CVE-2026-26824
Description
libxls 1.6.3 has a use-after-uninitialized-memory bug in its OLE parser, potentially leading to crashes or info disclosure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
libxls versions through 1.6.3 contain a use-of-uninitialized-memory vulnerability in the OLE container parser: memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before ole2_validate_sector_chain() consumes it. Any application that uses libxls to parse XLS data is affected [1].
Exploitation
An attacker can trigger this vulnerability by providing a crafted XLS file to an application using libxls. The vulnerability is triggered during OLE container parsing when processing untrusted input via xls_open_buffer(). MemorySanitizer detects this as an abort during parsing [1].
Impact
Successful exploitation of this vulnerability can lead to undefined behavior during the parsing of untrusted XLS files. This may result in application crashes, constituting a denial of service. There is also a potential for information disclosure due to heap residue [1].
Mitigation
libxls version 1.6.3 is affected. A fix is available in newer versions of libxls, and users are advised to update to a patched version. The exact patched version and release date are not specified in the available references [1].
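The defect pattern from the Vulnerability section and the defined-initialization fix from the Mitigation section, as an added constructed model that is not libxls's code: the hypothetical read_msat_unsafe(), read_msat_safe() and validate_sector_chain() stand in for read_MSAT() and ole2_validate_sector_chain(), the sentinels and the 109-entry table size are the OLE2 compound-file header values, and the 3-entry header is a constructed sample.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define ENDOFCHAIN 0xFFFFFFFEu  /* OLE2 sentinel: end of a sector chain */
#define FREESECT   0xFFFFFFFFu  /* OLE2 sentinel: unused table slot */
#define MSAT_CAPACITY 109       /* MSAT entries carried in the OLE2 header */
/* Constructed model of the defect: the header supplies only `count` entries,
 * the full table is allocated, and the tail is never written, so a later
 * consumer reads whatever the heap previously held. */
uint32_t *read_msat_unsafe(const uint32_t *hdr, size_t count) {
    if (count > MSAT_CAPACITY) return NULL;
    uint32_t *msat = malloc(MSAT_CAPACITY * sizeof *msat); /* uninitialised */
    if (!msat) return NULL;
    memcpy(msat, hdr, count * sizeof *msat);  /* slots count..108 stay garbage */
    return msat;
}

/* Hardened form: every slot holds a defined value before anything reads it. */
uint32_t *read_msat_safe(const uint32_t *hdr, size_t count) {
    if (count > MSAT_CAPACITY) return NULL;
    uint32_t *msat = malloc(MSAT_CAPACITY * sizeof *msat);
    if (!msat) return NULL;
    memcpy(msat, hdr, count * sizeof *msat);
    for (size_t i = count; i < MSAT_CAPACITY; i++) msat[i] = FREESECT;
    return msat;
}

/* Consumer: each entry must be a sentinel or a sector id inside the file.
 * Returns the number of referenced sectors, or -1 for an out-of-range id. */
int validate_sector_chain(const uint32_t *msat, uint32_t num_sectors) {
    int used = 0;
    for (size_t i = 0; i < MSAT_CAPACITY; i++) {
        if (msat[i] == FREESECT) continue;
        if (msat[i] == ENDOFCHAIN) break;
        if (msat[i] >= num_sectors) return -1; /* garbage lands here under MSan */
        used++;
    }
    return used;
}

/* Run a constructed 3-entry header through the hardened path; the result is
 * deterministic, whereas the unsafe path depends on prior heap contents. */
int parse_sample_header(void) {
    const uint32_t hdr[3] = { 1, 2, ENDOFCHAIN };  /* constructed sample input */
    uint32_t *msat = read_msat_safe(hdr, 3);
    if (!msat) return -2;
    int r = validate_sector_chain(msat, 16);
    free(msat);
    return r;
}
```

Building the unsafe path with clang's -fsanitize=memory reports the uninitialised read inside validate_sector_chain(), which is the same class of finding the advisory attributes to MemorySanitizer; the safe path stays clean.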
AI Insight generated on Jun 3, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)