1. Home
  2. CVE Database
  3. CVE-2026-46722
NONE · 0

CVE-2026-46722

The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requ...

Vulnerability Description

The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index.

Related Weaknesses (CWE)

CWE-611

References

FAQ

What is CVE-2026-46722?

CVE-2026-46722 is a documented vulnerability. The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requ...

How severe is CVE-2026-46722?

CVSS scoring is not yet available for CVE-2026-46722. Check NVD for updates.

Is there a patch for CVE-2026-46722?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.