CVE-2026-46722

The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index...

CVE-2026-4430

CVE-2026-4430 is an out-of-bounds write in LibreOffice triggered by opening OOXML documents with malformed encryption parameters. Affected releases: LibreOffice 26.2 before 26.2.3 and 25.8 before 25.8.7. Debian security advisory DSA-6251-1 confirms a buffer overflow could cause an out-of-bounds w...

GHSA-RM4C-XJ6X-49MW Gotenberg has a Server-Side Request Forgery (SSRF) Issue

Summary The SSRF hardening shipped in v8.31.0 only covers outbound URLs that Gotenberg's Go code handles — Chromium asset fetches, webhook delivery, and download-from. The LibreOffice conversion endpoint /forms/libreoffice/convert passes uploaded documents directly to LibreOffice without inspecti...

Purgalicious VBA: Macro Obfuscation With VBA Purging

Malicious Office documents remain a favorite technique for every type of threat actor, from red teamers to FIN groups to APTs. In this blog post, we will discuss "VBA Purging", a technique we have increasingly observed in the wild and that was first publicly documented by Didier Stevens in Februa...