CVE-2026-4430
Published: 2026-05-07
Priority: P3 · 39 · high · 7.8 (CVSS 3.1)
AV:L / AC:L / PR:N / UI:R / S:U / C:H / I:H / A:H
EPSS: 0.08% (0.2th percentile)
Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters.
This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| libreoffice | libreoffice | — | — |
| libreoffice | libreoffice | >= 25.8.0.0 < 25.8.7.0 | 25.8.7.0 |
| libreoffice | libreoffice | >= 26.2.0.0 < 26.2.3.0 | 26.2.3.0 |
| the_document_foundation | libreoffice | >= 25.8 < 25.8.7 | 25.8.7 |
| the_document_foundation | libreoffice | >= 26.2 < 26.2.3 | 26.2.3 |
| ubuntu | libreoffice | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 5.4 | MEDIUM | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| vendor_redhat | — | 5.4 | MEDIUM | — |
GHSA
GHSA-cwgp-8p97-cf77: Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters
ghsa_unreviewed·2026-05-07
CVE-2026-4430 [MEDIUM] CWE-787 GHSA-cwgp-8p97-cf77: Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters
Ubuntu
LibreOffice vulnerability
vendor_ubuntu·2026-06-01
Summary: LibreOffice could be made to crash or run programs as your login if it
opened a specially crafted file.
Duc Anh Nguyen discovered that LibreOffice incorrectly handled mismatched
encryption salt parameters in crafted OOXML documents. An attacker could
use this issue to cause LibreOffice to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Instructions: This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
Ubuntu
LibreOffice vulnerability
vendor_ubuntu·2026-05-28
Summary: LibreOffice could be made to crash or run programs as your login if it
opened a specially crafted file.
Duc Anh Nguyen discovered that LibreOffice incorrectly handled mismatched
encryption salt parameters in crafted OOXML documents. An attacker could
use this issue to cause LibreOffice to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents
vendor_redhat·2026-05-07·CVSS 5.4
CVE-2026-4430 [MEDIUM] CWE-787 LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents
A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted OOXML (Office Open XML) document with mismatched encryption salt parameters. This could lead to a denial of service (DoS), making the application unavailable, and potentially result in limited information disclosure or integrity impact.
Mitigation: Users are advised to avoid opening untrusted or suspicious OOXML documents. This operational control reduces the risk of exploitation by preventing the vulnerable LibreOffice component from processing malicious input.
Package: libreoffice (Red Hat Enterprise Linux 6) - Affected
Package: libreoffice (Red Hat Enterprise
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-4430 libreoffice: LibreOffice: Denial of Service via crafted OOXML documents [fedora-all]
bugzilla·2026-05-15·CVSS 5.4
CVE-2026-4430 [MEDIUM] CVE-2026-4430 libreoffice: LibreOffice: Denial of Service via crafted OOXML documents [fedora-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Bugzilla
CVE-2026-4430 LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents
bugzilla·2026-05-07·CVSS 5.4
CVE-2026-4430 [MEDIUM] CVE-2026-4430 LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents