Skip to main content

Onlyoffice Documentserver

1 CVEs product

Monthly

CVE-2026-41034 MEDIUM PATCH This Month

ONLYOFFICE DocumentServer before 9.3.0 contains an untrusted pointer dereference vulnerability in XLS file processing that enables authenticated remote attackers to leak sensitive memory and bypass ASLR protections. The vulnerability affects XLS conversion workflows through multiple vectors including pictFmla.cbBufInCtlStm manipulation, allowing information disclosure without requiring user interaction. CVSS 5.0 reflects moderate risk given network accessibility and the authentication barrier, though the scope change to CVSS:C indicates potential cross-boundary impact.

Information Disclosure Buffer Overflow Onlyoffice Documentserver
NVD GitHub VulDB
CVSS 3.1
5.0
EPSS
0.0%
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

ONLYOFFICE DocumentServer before 9.3.0 contains an untrusted pointer dereference vulnerability in XLS file processing that enables authenticated remote attackers to leak sensitive memory and bypass ASLR protections. The vulnerability affects XLS conversion workflows through multiple vectors including pictFmla.cbBufInCtlStm manipulation, allowing information disclosure without requiring user interaction. CVSS 5.0 reflects moderate risk given network accessibility and the authentication barrier, though the scope change to CVSS:C indicates potential cross-boundary impact.

Information Disclosure Buffer Overflow Onlyoffice Documentserver
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy