RHSA-2026:28922 Red Hat Security Advisory: libreoffice security update

Bulletin has no description...

AlmaLinux 8 : libreoffice (ALSA-2026:28922)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:28922 advisory. LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents CVE-2026-4430 Tenable has extracted the preceding description block directly from the...

RockyLinux 9 : libreoffice (RLSA-2026:28290)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:28290 advisory. LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents CVE-2026-4430 Tenable has extracted the preceding description block directly from the...

RockyLinux 8 : libreoffice (RLSA-2026:28922)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:28922 advisory. LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents CVE-2026-4430 Tenable has extracted the preceding description block directly from the...

LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents

A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted OOXML Office Open XML document with mismatched encryption salt parameters. This could lead to a denial of service DoS, making the application...

Moderate: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

RHSA-2026:28290 Red Hat Security Advisory: libreoffice security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents

A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted OOXML Office Open XML document with mismatched encryption salt parameters. This could lead to a denial of service DoS, making the application...

RHEL 9 : libreoffice (RHSA-2026:28290)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28290 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...

RHEL 8 : libreoffice (RHSA-2026:28922)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28922 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...

CVE-2026-8358

A heap-based buffer overflow vulnerability was discovered in LibreOffice Calc's spreadsheet importer. When processing tracked changes from a spreadsheet document, the application fails to properly handle duplicate change identifiers. By reusing the same change identifier for two distinct types of...

Astra Linux – Vulnerability in LibreOffice

LibreOffice supports digital signatures for ODF documents and macros within documents. It provides visual aids to indicate that the document has not been altered since the last signature, and that the signature is valid. A vulnerability in certificate validation in LibreOffice allowed attackers t...

Astra Linux – Vulnerability in LibreOffice

There was an improper certificate validation vulnerability in LibreOffice, where the determination of whether a macro was signed by a trusted author was based solely on comparing the serial number and issuer string of the used certificate with those of a trusted certificate. This is insufficient ...

Astra Linux – Vulnerability in LibreOffice

LibreOffice supports digital signatures for ODF documents and macros within documents. It provides visual indicators that confirm that the document has not been altered since the last signature, and that the signature is valid. A vulnerability in certificate validation in LibreOffice allowed...

Astra Linux – Vulnerability in LibreOffice

Improper limitation of a pathname to a restricted directory “Path Traversal” vulnerability in The Document Foundation LibreOffice allows for absolute path traversal. An attacker can write to arbitrary locations, even those prefixed with “.ttf”, by providing a file in a format that supports embedd...

Astra Linux – Vulnerability in LibreOffice

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted using a single master key provided by the user. There was a flaw in LibreOffice where the required initialization vector for encryption was always the same,...

Astra Linux – Vulnerability in LibreOffice

The Document Foundation LibreOffice has a vulnerability where environmental variables and arbitrary INI file values may be exposed to unauthorized actors. URLs can be created that expand environmental variables or INI file values, allowing potentially sensitive information to be exfiltrated to a...

GHSA-2MRG-35HW-X3X9 Gotenberg: SSRF via LibreOffice document processing

Summary Server-Side Request Forgery SSRF vulnerability affecting the /forms/libreoffice/convert endpoint in Gotenberg v8.33.0 running with the default configuration. By uploading a specially crafted DOCX document, an attacker can cause LibreOffice to automatically retrieve external resources duri...

CVE-2026-6040

A vulnerability was found in LibreOffice. If a user inadvertently opens a malicious OpenDocument Format ODF file, an attacker could execute unauthorized code and potentially gain full control of the system. Mitigation Users should exercise caution and avoid opening untrusted OpenDocument Format O...