diff --git a/tests/PhpSpreadsheetTests/Reader/Security/XmlScannerTest.php b/tests/PhpSpreadsheetTests/Reader/Security/XmlScannerTest.php
index 26906c094b..adb25a973f 100644
--- a/tests/PhpSpreadsheetTests/Reader/Security/XmlScannerTest.php
+++ b/tests/PhpSpreadsheetTests/Reader/Security/XmlScannerTest.php
@@ -166,4 +166,20 @@ public function testEncodingAllowsMixedCase(): void
         $output = $scanner->scan($input = '<?xml version="1.0" encoding="utf-8"?><foo>bar</foo>');
         self::assertSame($input, $output);
     }
+
+    public function testUtf7Whitespace(): void
+    {
+        $this->expectException(ReaderException::class);
+        $this->expectExceptionMessage('Double-encoded');
+        $reader = new Xlsx();
+        $reader->load('tests/data/Reader/XLSX/utf7white.dontuse');
+    }
+
+    public function testUtf8Entity(): void
+    {
+        $this->expectException(ReaderException::class);
+        $this->expectExceptionMessage('Detected use of ENTITY');
+        $reader = new Xlsx();
+        $reader->load('tests/data/Reader/XLSX/utf8entity.dontuse');
+    }
 }
diff --git a/tests/data/Reader/XLSX/utf7white.dontuse b/tests/data/Reader/XLSX/utf7white.dontuse
new file mode 100644
index 0000000000..24e9b1f5c2
Binary files /dev/null and b/tests/data/Reader/XLSX/utf7white.dontuse differ
diff --git a/tests/data/Reader/XLSX/utf8entity.dontuse b/tests/data/Reader/XLSX/utf8entity.dontuse
new file mode 100644
index 0000000000..d69097772c
Binary files /dev/null and b/tests/data/Reader/XLSX/utf8entity.dontuse differ
diff --git a/tests/data/Reader/Xml/XEETestInvalidUTF-7-whitespace.xml b/tests/data/Reader/Xml/XEETestInvalidUTF-7-whitespace.xml
new file mode 100644
index 0000000000..143591d74a
--- /dev/null
+++ b/tests/data/Reader/Xml/XEETestInvalidUTF-7-whitespace.xml
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding ='UTF-7' standalone="yes"?>
+    +ADw-+ACE-DOCTYPE+ACA-foo+ACA-+AFs-+ADw-+ACE-ENTITY+ACA-toreplace+ACA-+ACI-xxe+AF8-test+ACI-+AD4-+ACA-+AF0-+AD4-+AAo-+ADw-sst+ACA-xmlns+AD0-+ACI-http://schemas.openxmlformats.org/spreadsheetml/2006/main+ACI-+ACA-count+AD0-+ACI-2+ACI-+ACA-uniqueCount+AD0-+ACI-1+ACI-+AD4-+ADw-si+AD4-+ADw-t+AD4-+ACY-toreplace+ADs-+ADw-/t+AD4-+ADw-/si+AD4-+ADw-/sst+AD4-
diff --git a/tests/data/Reader/Xml/XEETestValidUTF-8-whitespace.xml b/tests/data/Reader/Xml/XEETestValidUTF-8-whitespace.xml
new file mode 100644
index 0000000000..6dc0e5c3f3
--- /dev/null
+++ b/tests/data/Reader/Xml/XEETestValidUTF-8-whitespace.xml
@@ -0,0 +1,4 @@
+<?xml version='1.0' encoding = "UTF-8" standalone='yes'?>
+<root>
+	test: Valid
+</root>