A vulnerability categorized as critical has been discovered in libxls 1.6.3 . This affects the function xls_parseWorkBook of the component XLS File Parser . Such manipulation leads to uninitialized pointer. This vulnerability is uniquely identified as CVE-2026-26825 . The attack can only be initiated within the local network. No exploit exists.