CVE-2026-6047

Vulnerability Description

LibreOffice can import documents in the OOXML format (DOCX). A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed past the end of the allocation. In fixed versions the type is checked before the write.

Vulnerability Details

Published Date

June 15, 2026

Last Modified

June 15, 2026

CWE ID

CWE-787

Source

NVD

External References

https://www.libreoffice.org/about-us/security/advisories/cve-2026-6047

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment