| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-14714 | TCC Bypass via Inherited Permissions in Bundled Interpreter | The Document Foundation | LibreOffice | - | - | 2025-12-15 10:30:56 | Deep Dive |
| CVE-2025-2866 | PDF signature forgery with adbe.pkcs7.sha1 SubFilter | The Document Foundation | LibreOffice | 中危 | - | 2025-04-27 19:04:52 | Deep Dive |
| CVE-2021-25635 | Content Manipulation with Certificate Validation Attack | The Document Foundation | LibreOffice | 中危 | - | 2025-03-21 14:52:50 | Deep Dive |
| CVE-2025-1080 | Macro URL arbitrary script execution | The Document Foundation | LibreOffice | 超危 | - | 2025-03-04 20:04:11 | Deep Dive |
| CVE-2025-0514 | Executable hyperlink Windows path targets executed unconditionally on activation | The Document Foundation | LibreOffice | 中危 | - | 2025-02-25 21:16:31 | Deep Dive |
| CVE-2024-12426 | URL fetching can be used to exfiltrate arbitrary INI file values and environment variables | The Document Foundation | LibreOffice | 中危 | - | 2025-01-07 12:22:33 | Deep Dive |
| CVE-2024-12425 | Path traversal leading to arbitrary .ttf file write | The Document Foundation | LibreOffice | 低危 | - | 2025-01-07 11:15:08 | Deep Dive |
| CVE-2024-7788 | Signatures in "repair mode" should not be trusted | The Document Foundation | LibreOffice | High | 7.8 | 2024-09-17 14:28:36 | Deep Dive |
| CVE-2024-6472 | Ability to trust not validated macro signatures removed in high security mode | The Document Foundation | LibreOffice | High | 7.8 | 2024-08-05 12:55:39 | Deep Dive |
| CVE-2024-5261 | TLS certificate are not properly verified when utilizing LibreOfficeKit | The Document Foundation | LibreOffice | - | - | 2024-06-25 12:44:24 | Deep Dive |
| CVE-2024-3044 | Graphic on-click binding allows unchecked script execution | The Document Foundation | LibreOffice | 中危 | - | 2024-05-14 20:19:51 | Deep Dive |
| CVE-2023-6186 | Link targets allow arbitrary script execution | The Document Foundation | LibreOffice | High | 8.3 | 2023-12-11 11:56:40 | Deep Dive |
| CVE-2023-6185 | Improper input validation enabling arbitrary Gstreamer pipeline injection | The Document Foundation | LibreOffice | High | 8.3 | 2023-12-11 11:52:06 | Deep Dive |
| CVE-2023-1183 | Arbitrary file write | - | libreoffice | Medium | 5.0 | 2023-07-10 15:04:31 | Deep Dive |
| CVE-2023-2255 | Remote documents loaded without prompt via IFrame | The Document Foundation | LibreOffice | 中危 | - | 2023-05-25 00:00:00 | Deep Dive |
| CVE-2023-0950 | Array Index UnderFlow in Calc Formula Parsing | The Document Foundation | LibreOffice | 高危 | - | 2023-05-25 00:00:00 | Deep Dive |
| CVE-2022-3140 | Macro URL arbitrary script execution | The Document Foundation | LibreOffice | 中危 | - | 2022-10-11 00:00:00 | Deep Dive |
| CVE-2022-26307 | Weak Master Keys | The Document Foundation | LibreOffice | 高危 | - | 2022-07-25 00:00:00 | Deep Dive |
| CVE-2022-26306 | Execution of Untrusted Macros Due to Improper Certificate Validation | The Document Foundation | LibreOffice | 高危 | - | 2022-07-25 00:00:00 | Deep Dive |
| CVE-2022-26305 | Execution of Untrusted Macros Due to Improper Certificate Validation | The Document Foundation | LibreOffice | 高危 | - | 2022-07-25 00:00:00 | Deep Dive |