PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-12862 pretix CVE debrief

CVE-2026-12862 covers untrusted user data being written into Excel exports for administrators without proper sanitization, resulting in a formula injection vulnerability. With a CVSS score of 5.1, it allows attackers to potentially compromise the environment of users who open the malicious Excel file. The vulnerability was published on June 22, 2026, and has been categorized as medium severity. Organizations using the affected product should prioritize reviewing and securing their Excel export functionality to prevent exploitation.

Vendor: pretix
Product: Venueless
CVSS: MEDIUM 5.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-22
Original CVE updated: 2026-06-22
Advisory published: 2026-06-22
Advisory updated: 2026-06-22

Who should care

Administrators and users of the affected product who generate or receive Excel exports are at risk: opening a malicious export can compromise that user's environment. IT administrators, security teams, and end users who work with Excel exports within the organization should therefore be aware of this vulnerability and take the precautions listed below.

Technical summary

The vulnerability arises because user-supplied data is written to Excel exports without sanitization. An attacker who controls exported data can plant spreadsheet formulas that, when the file is opened, are evaluated rather than displayed as text, and can thereby trigger arbitrary actions in the opening user's spreadsheet environment. The CVSS:4.0 vector is AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X (network-reachable, low privileges required, user interaction needed), indicating a medium severity level with limited impact and low exploitability.

Defensive priority

Medium priority due to limited exploitability but potential for environment compromise.

Recommended defensive actions

  • Review and update Excel export functionalities to properly sanitize user input.
  • Implement compensating controls such as restricting direct access to Excel files.
  • Monitor Excel export logs for suspicious activity.
  • Educate users on safe practices when opening files from untrusted sources.
  • Apply vendor-supported remediation when available.
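One way to implement the first action above, shown here as an added example and not pretix's or Venueless's own code: a neutralizing step applied to every exported cell, a model of the export path with and without that step, and an audit helper for checking existing exports. It assumes an export layer that, like common xlsx writers, stores a string beginning with "=" as a formula cell and everything else as text; the sample rows are constructed.

```python
"""Neutralising spreadsheet formula injection in an Excel/CSV export.

Constructed example. Assumes an export layer that, like most xlsx
writers, stores a string beginning with '=' as a formula cell.
"""
from __future__ import annotations

# Leading characters spreadsheet applications interpret as the start of a
# formula, or that can smuggle one past a check that only looks for '='.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def is_formula_like(value: str) -> bool:
    """True if a string cell would be parsed as a formula when opened."""
    return value.startswith(FORMULA_TRIGGERS)


def neutralize(value: object) -> object:
    """Force formula-like strings to be rendered as literal text.

    A leading apostrophe makes Excel/LibreOffice display the rest of the
    cell as text. Non-strings (numbers, dates) pass through unchanged, so
    genuine negative numbers stored as numbers are not mangled; a string
    such as "-5" is prefixed, which is the accepted trade-off.
    """
    if not isinstance(value, str):
        return value
    # Check after stripping leading whitespace: "  =1+1" is still a formula.
    if is_formula_like(value.lstrip()):
        return "'" + value
    return value


def export_rows(rows, sanitize: bool = True):
    """Model of the export: returns (cell_type, value) per cell.

    With sanitize=False this is the vulnerable path: user text starting
    with '=' becomes a formula cell that is evaluated on open.
    """
    out = []
    for row in rows:
        cells = []
        for value in row:
            if sanitize:
                value = neutralize(value)
            if isinstance(value, str) and value.startswith("="):
                cells.append(("formula", value))
            else:
                cells.append(("text", value))
        out.append(cells)
    return out


def audit_export(rows):
    """Defender-side check: (row, col) of cells that are still formula-like."""
    return [(r, c) for r, row in enumerate(rows) for c, v in enumerate(row)
            if isinstance(v, str) and is_formula_like(v.lstrip())]
```

Running `audit_export` over the rows of an already-generated export (read back with any xlsx/CSV reader) is a quick way to confirm that a deployed export path is no longer emitting formula cells.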

Evidence notes

The primary evidence for this vulnerability comes from the CVE record and NVD detail pages. The vulnerability allows for formula injection via Excel exports for administrators. Verification of affected products and versions should be done through official vendor advisories and CVE details. The information provided indicates a medium severity but emphasizes the importance of securing user data in exports to prevent potential compromise.

Official resources

This article is AI-assisted and based on the supplied source corpus.