Lucene search
K

5 matches found

NVD
NVD
added 2026/06/15 6:16 p.m.13 views

CVE-2026-6040

A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...

7.3CVSS0.00114EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/15 4:21 p.m.8 views

CVE-2026-6040 Heap use-after-free in ODF number-format blank-width parsing

A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...

6.9CVSS5.2AI score0.00114EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 4:21 p.m.48 views

CVE-2026-6040 Heap use-after-free in ODF number-format blank-width parsing

A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...

6.9CVSS0.00114EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 4:21 p.m.14 views

CVE-2026-6040

CVE-2026-6040 is a heap use‑after‑free vulnerability in LibreOffice related to parsing the blank‑width characters of an ODF number format. According to multiple connected disclosures, a memory access could occur when a position value read from the document is not checked against the length of the...

7.3CVSS5.3AI score0.00114EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/15 4:21 p.m.8 views

CVE-2026-6040

A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...

7.3CVSS5.3AI score0.00114EPSS
Exploits0
Rows per page
Query Builder