CVE lookup
CVE-2026-34084
Pruva has a verified reproduction for CVE-2026-34084: PhpSpreadsheet: SSRF via unsafe stream wrapper in IOFactory::load(). The canonical evidence record is REPRO-2026-00150.
REPRO
REPRO-2026-00150
Package
phpoffice/phpspreadsheet · composer
Severity
CRITICAL
Status
published