MEDIUM
openmcdf
CVE published 2026-07-17
CVE-2026-45785
CVE-2026-45785 is a denial of service vulnerability in OpenMcdf, a .NET library for Compound File Binary File Format files. The vulnerability is caused by a bug in the DirectoryTree.TryGetDirectoryEntry method that allows an attacker to craft a CFB file that drives an infinite loop, resulting in an unrecoverable denial of service. The bug is reachable from several methods, including RootStorage.OpenStorag [truncated]