libreoffice is vulnerable to Improper Preservation of Permissions. The vulnerability is due to there is no macro permission validation for The Document Foundation in LibreOffice. This allows an attacker to execute built-in macros without warning the user.
lists.debian.org/debian-lts-announce/2023/12/msg00026.html
lists.fedoraproject.org/archives/list/[email protected]/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/
security-tracker.debian.org/tracker/CVE-2023-6186
www.debian.org/security/2023/dsa-5574
www.libreoffice.org/about-us/security/advisories/cve-2023-6186