Libreoffice

5 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-2866 LOW Monitor

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Libreoffice
NVD
CVSS 4.0
2.4
EPSS
0.1%
CVE-2025-1080 HIGH PATCH This Week

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. Rated high severity (CVSS 7.2), this vulnerability is no authentication required. No vendor patch available.

Microsoft Information Disclosure Libreoffice Debian Linux Redhat +1
NVD
CVSS 4.0
7.2
EPSS
0.1%
CVE-2025-0514 HIGH This Week

Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows Executable hyperlink targets to be executed unconditionally on activation.8 before < 24.8.5. Rated high severity (CVSS 7.2), this vulnerability is no authentication required. No vendor patch available.

Microsoft Information Disclosure Libreoffice Windows Redhat
NVD
CVSS 4.0
7.2
EPSS
0.0%
CVE-2024-12426 MEDIUM PATCH This Month

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Libreoffice Debian Linux Redhat Suse
NVD
CVSS 4.0
6.7
EPSS
0.5%
CVE-2024-12425 LOW Monitor

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Libreoffice Debian Linux
NVD
CVSS 4.0
2.4
EPSS
0.4%
CVE-2025-2866
EPSS 0% CVSS 2.4
LOW Monitor

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Libreoffice
NVD
CVE-2025-1080
EPSS 0% CVSS 7.2
HIGH PATCH This Week

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. Rated high severity (CVSS 7.2), this vulnerability is no authentication required. No vendor patch available.

Microsoft Information Disclosure Libreoffice +3
NVD
CVE-2025-0514
EPSS 0% CVSS 7.2
HIGH This Week

Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows Executable hyperlink targets to be executed unconditionally on activation.8 before < 24.8.5. Rated high severity (CVSS 7.2), this vulnerability is no authentication required. No vendor patch available.

Microsoft Information Disclosure Libreoffice +2
NVD
CVE-2024-12426
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Libreoffice Debian Linux +2
NVD
CVE-2024-12425
EPSS 0% CVSS 2.4
LOW Monitor

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Libreoffice Debian Linux
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy