EUVD-2026-23199
5.0
CVSS 3.1
Share
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
None
Lifecycle Timeline
2
patch_available
Apr 16, 2026 - 07:01 EUVD
Analysis Generated
Apr 16, 2026 - 06:40 vuln.today
DescriptionNVD
ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion (via pictFmla.cbBufInCtlStm and other vectors), leading to an information leak and ASLR bypass.
AnalysisAI
ONLYOFFICE DocumentServer before 9.3.0 contains an untrusted pointer dereference vulnerability in XLS file processing that enables authenticated remote attackers to leak sensitive memory and bypass ASLR protections. The vulnerability affects XLS conversion workflows through multiple vectors including pictFmla.cbBufInCtlStm manipulation, allowing information disclosure without requiring user interaction. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).