VYPR
High severity7.8NVD Advisory· Published Apr 1, 2026· Updated Apr 28, 2026

CVE-2026-3779

CVE-2026-3779

Description

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

1