cbcvebase.

The Document Foundation Libreoffice vulnerabilities

26 known vulnerabilities affecting the_document_foundation/libreoffice.

Total CVEs
26
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH13MEDIUM11LOW1

Vulnerabilities

Page 2 of 2
CVE-2026-6045P4MEDIUMCVSS 5.4≥ 25.8, < < 25.8.7≥ 26.2, < < 26.2.32026-06-15
CVE-2026-6045 [MEDIUM] CWE-190 CVE-2026-6045: LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow exi LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of gradient blend points was read from the file and used to compute an allocation size, but that multiplication could overflow, so a small buffer was allocated and then filled as if it were large, w
nvd
CVE-2026-6047P4MEDIUMCVSS 5.4≥ 25.8, < < 25.8.7≥ 26.2, < < 26.2.32026-06-15
CVE-2026-6047 [MEDIUM] CWE-787 CVE-2026-6047: LibreOffice can import documents in the OOXML format (DOCX). A heap buffer overflow existed when rep LibreOffice can import documents in the OOXML format (DOCX). A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed past the end of the allocation. In fixed versions the
nvd
CVE-2026-6039P4MEDIUMCVSS 5.4≥ 25.8, < < 25.8.7≥ 26.2, < < 26.2.32026-06-15
CVE-2026-6039 [MEDIUM] CWE-197 CVE-2026-6039: LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow exist LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count taken from the file was truncated to a 16-bit value when the point buffer was sized, while the full count was used to fill it, so a polyline whose point count exceeded the 16-bit range was written past t
nvd
CVE-2025-2866P4MEDIUMCVSS 5.5≥ 24.8, < < 24.8.6≥ 25.2, < < 25.2.22025-04-27
CVE-2025-2866 [MEDIUM] CWE-347 CVE-2025-2866: Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature S Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6,
nvd
CVE-2026-8358P4MEDIUMCVSS 5.4≥ 25.8, < < 25.8.7≥ 26.2, < < 26.2.42026-06-15
CVE-2026-8358 [MEDIUM] CWE-787 CVE-2026-8358: LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow exis LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its allocation. In fixed versions records with a duplicate identif
nvd
CVE-2024-12425P4LOWCVSS 3.3≥ 24.8, < < 24.8.42025-01-07
CVE-2024-12425 [LOW] CWE-22 CVE-2024-12425: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. An attacker can write to arbitrary locations, albeit suffixed with ".ttf", by supplying a file in a format that supports embedded font files. This issue affects LibreOffice: from 24.8 befo
nvd
The Document Foundation Libreoffice vulnerabilities | cvebase