CVE Catalog

CVE-2026-5242

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.30%

22th percentile — higher than 22% of all known CVEs

Summary

The Pizzy Library from MIA Technology Inc. has a vulnerability related to improper neutralization of formula elements in a CSV file, allowing for code injection.

Risk Assessment

An attacker could exploit this vulnerability to inject malicious code, potentially leading to serious security breaches in applications using this library.

Recommendation

It is recommended to update the Pizzy Library to version 1.3.9.26250 or later to mitigate this vulnerability.

Original NVD description (English source)

Improper neutralization of formula elements in a CSV file vulnerability in MIA Technology Inc. Pizzy Library allows Code Injection. This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS