Known Vulnerabilities for products from Libxls Project

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Libxls Project".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-26825 json A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable v... Not Provided 2026-06-03 2026-06-08
CVE-2026-26824 json libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocat... Not Provided 2026-06-03 2026-06-04
CVE-2023-38856 json Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of servi... 6.5 - MEDIUM 2023-08-15 2023-08-19
CVE-2023-38855 json Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of servi... 6.5 - MEDIUM 2023-08-15 2023-08-19
CVE-2023-38854 json Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of servi... 6.5 - MEDIUM 2023-08-15 2023-08-19
CVE-2023-38853 json Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of servi... 6.5 - MEDIUM 2023-08-15 2023-08-19
CVE-2023-38852 json Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of servi... 6.5 - MEDIUM 2023-08-15 2023-08-19
CVE-2023-38851 json Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of servi... 6.5 - MEDIUM 2023-08-15 2023-08-19
CVE-2021-27836 json An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of ser... 6.5 - MEDIUM 2021-11-03 2023-11-07
CVE-2020-27819 json An issue was discovered in libxls before and including 1.6.1 when reading Microsoft Excel files. A NULL pointer dereference v... 5.5 - MEDIUM 2021-02-23 2021-02-26
CVE-2018-20452 json The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (... 8.8 - HIGH 2018-12-25 2020-03-30
CVE-2018-20450 json The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (applica... 6.5 - MEDIUM 2018-12-25 2020-03-30
CVE-2017-12111 json An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file wit... Not Provided 2017-11-20 2025-04-20
CVE-2017-12110 json An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file... Not Provided 2017-11-20 2025-04-20
CVE-2017-12109 json An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULR... 8.8 - HIGH 2018-04-24 2022-04-19
CVE-2017-12108 json An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULB... 8.8 - HIGH 2018-04-24 2023-01-28
CVE-2017-2919 json An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially cra... Not Provided 2017-11-20 2025-04-20
CVE-2017-2910 json An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. A specially crafted xls fi... 8.8 - HIGH 2020-12-02 2020-12-04
CVE-2017-2897 json An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file... Not Provided 2017-11-20 2025-04-20
CVE-2017-2896 json An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4. . A specially crafted ... Not Provided 2017-11-20 2025-04-20
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Libxls Project

Type Vendor Product Version
ApplicationLibxls ProjectLibxls-
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report