7.5
CVE-2026-40902
- EPSS 0.4%
- Veröffentlicht 12.05.2026 22:02:39
- Zuletzt bearbeitet 14.05.2026 14:50:17
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
PhpSpreadsheet: CPU Denial of Service via Unbounded Row Number in XLSX Row Dimensions
PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the XLSX reader's ColumnAndRowAttributes::readRowAttributes() method reads row numbers from XML attributes without validating them against the spreadsheet maximum row limit (AddressRange::MAX_ROW = 1,048,576). An attacker can craft a minimal XLSX file (~1.6KB) containing a <row r="999999999"/> element that inflates cachedHighestRow to 999,999,999, causing any subsequent row iteration to attempt ~1 billion loop cycles and exhaust CPU resources. This vulnerability is fixed in 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Phpoffice ≫ Phpspreadsheet Version < 1.30.4
Phpoffice ≫ Phpspreadsheet Version >= 2.0.0 < 2.1.16
Phpoffice ≫ Phpspreadsheet Version >= 2.2.0 < 2.4.5
Phpoffice ≫ Phpspreadsheet Version >= 3.3.0 < 3.10.5
Phpoffice ≫ Phpspreadsheet Version >= 4.0.0 < 5.7.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.4% | 0.311 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-advisories@github.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-7c6m-4442-2x6m