Vulnerabilities in Ascensio
2 resultsCVE-2026-41034MEDIUMONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion (via pictFmla.cbBufInCtlStm and othEPSS 0.3%CVE-2026-41030MEDIUMIn ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges.EPSS 0.2%