CVE-2026-12862

Vulnerability Description

Untrusted user data was passed verbatim to Excel exports for administrators. This allowed formula injection which can be used to compromise the environment of the user loading the file or other data in the file.

Vulnerability Details

Published Date

June 22, 2026

Last Modified

June 22, 2026

CWE ID

CWE-148

Source

NVD

Vendor

pretix

Product

Venueless

External References

https://github.com/venueless/venueless/security/advisories/GHSA-5hw3-655h-7m86

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment