Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-40902

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-12 May, 2026 | 22:02
Updated At-13 May, 2026 | 12:11
Rejected At-
Credits

PhpSpreadsheet: CPU Denial of Service via Unbounded Row Number in XLSX Row Dimensions

PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the XLSX reader's ColumnAndRowAttributes::readRowAttributes() method reads row numbers from XML attributes without validating them against the spreadsheet maximum row limit (AddressRange::MAX_ROW = 1,048,576). An attacker can craft a minimal XLSX file (~1.6KB) containing a <row r="999999999"/> element that inflates cachedHighestRow to 999,999,999, causing any subsequent row iteration to attempt ~1 billion loop cycles and exhaust CPU resources. This vulnerability is fixed in 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:12 May, 2026 | 22:02
Updated At:13 May, 2026 | 12:11
Rejected At:
â–¼CVE Numbering Authority (CNA)
PhpSpreadsheet: CPU Denial of Service via Unbounded Row Number in XLSX Row Dimensions

PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the XLSX reader's ColumnAndRowAttributes::readRowAttributes() method reads row numbers from XML attributes without validating them against the spreadsheet maximum row limit (AddressRange::MAX_ROW = 1,048,576). An attacker can craft a minimal XLSX file (~1.6KB) containing a <row r="999999999"/> element that inflates cachedHighestRow to 999,999,999, causing any subsequent row iteration to attempt ~1 billion loop cycles and exhaust CPU resources. This vulnerability is fixed in 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0.

Affected Products
Vendor
PHPOfficePHPOffice
Product
PhpSpreadsheet
Versions
Affected
  • < 1.30.4
  • >= 2.0.0, < 2.1.16
  • >= 2.2.0, < 2.4.5
  • >= 3.3.0, < 3.10.5
  • >= 4.0.0, < 5.7.0
Problem Types
TypeCWE IDDescription
CWECWE-770CWE-770: Allocation of Resources Without Limits or Throttling
Type: CWE
CWE ID: CWE-770
Description: CWE-770: Allocation of Resources Without Limits or Throttling
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-7c6m-4442-2x6m
x_refsource_CONFIRM
Hyperlink: https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-7c6m-4442-2x6m
Resource:
x_refsource_CONFIRM
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-7c6m-4442-2x6m
exploit
Hyperlink: https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-7c6m-4442-2x6m
Resource:
exploit
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:12 May, 2026 | 22:16
Updated At:14 May, 2026 | 14:50

PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the XLSX reader's ColumnAndRowAttributes::readRowAttributes() method reads row numbers from XML attributes without validating them against the spreadsheet maximum row limit (AddressRange::MAX_ROW = 1,048,576). An attacker can craft a minimal XLSX file (~1.6KB) containing a <row r="999999999"/> element that inflates cachedHighestRow to 999,999,999, causing any subsequent row iteration to attempt ~1 billion loop cycles and exhaust CPU resources. This vulnerability is fixed in 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
PHPOffice
phpoffice
>>phpspreadsheet>>Versions before 1.30.4(exclusive)
cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*
PHPOffice
phpoffice
>>phpspreadsheet>>Versions from 2.0.0(inclusive) to 2.1.16(exclusive)
cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*
PHPOffice
phpoffice
>>phpspreadsheet>>Versions from 2.2.0(inclusive) to 2.4.5(exclusive)
cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*
PHPOffice
phpoffice
>>phpspreadsheet>>Versions from 3.3.0(inclusive) to 3.10.5(exclusive)
cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*
PHPOffice
phpoffice
>>phpspreadsheet>>Versions from 4.0.0(inclusive) to 5.7.0(exclusive)
cpe:2.3:a:phpoffice:phpspreadsheet:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-770Secondarysecurity-advisories@github.com
CWE ID: CWE-770
Type: Secondary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-7c6m-4442-2x6msecurity-advisories@github.com
Exploit
Mitigation
Vendor Advisory
https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-7c6m-4442-2x6m134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit
Mitigation
Vendor Advisory
Hyperlink: https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-7c6m-4442-2x6m
Source: security-advisories@github.com
Resource:
Exploit
Mitigation
Vendor Advisory
Hyperlink: https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-7c6m-4442-2x6m
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Exploit
Mitigation
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

704Records found
CVE-2025-3221
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.43% / 63.02%
||
7 Day CHG~0.00%
Published-21 Jun, 2025 | 12:44
Updated-24 Aug, 2025 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM InfoSphere Information Server denial of service

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a remote attacker to cause a denial of service due to insufficient validation of incoming request resources.

Action-Not Available
Vendor-Linux Kernel Organization, IncIBM CorporationMicrosoft Corporation
Product-windowsinfosphere_information_serverlinux_kernelaixInfoSphere Information Server
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2023-20108
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.04%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM &amp; Presence Service (Unified CM IM&amp;P) could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&amp;P users who are attempting to authenticate to the service, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted login message to the affected device. A successful exploit could allow the attacker to cause an unexpected restart of the authentication service, preventing new users from successfully authenticating. Exploitation of this vulnerability does not impact Cisco Unified CM IM&amp;P users who were authenticated prior to an attack.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_communications_manager_im_and_presence_serviceCisco Unified Communications Manager IM and Presence Service
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-14870
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-7.5||HIGH
EPSS-0.04% / 11.33%
||
7 Day CHG~0.00%
Published-14 May, 2026 | 05:37
Updated-16 May, 2026 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted JSON payloads due to insufficient input validation.

Action-Not Available
Vendor-GitLab Inc.
Product-gitlabGitLab
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-34439
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-5.3||MEDIUM
EPSS-0.79% / 74.14%
||
7 Day CHG~0.00%
Published-21 Oct, 2022 | 18:05
Updated-07 May, 2025 | 14:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
  • Previous
  • 1
  • 2
  • ...
  • 13
  • 14
  • 15
  • Next
Details not found