Hackers using a specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library.
Source: Threadpost