PatchSiren cyber security CVE debrief
CVE-2026-6045 The Document Foundation CVE debrief
A heap buffer overflow existed in LibreOffice when importing an EMF+ gradient brush. The number of gradient blend points was read from the file and used to compute an allocation size, but that multiplication could overflow, so a small buffer was allocated and then filled as if it were large, writing past its end. In fixed versions, the blend-point count is checked against the data actually available before allocating.
- Vendor: The Document Foundation
- Product: LibreOffice
- CVSS: MEDIUM 5.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-15
- Original CVE updated: 2026-06-15
- Advisory published: 2026-06-15
- Advisory updated: 2026-06-15
Who should care
Users of LibreOffice who open documents containing EMF+ graphics may be affected by this vulnerability.
Technical summary
The vulnerability occurs when importing an EMF+ gradient brush. The number of gradient blend points is read from the file and used to compute an allocation size. However, the multiplication can overflow, resulting in a small buffer being allocated and then filled as if it were large, leading to a heap buffer overflow.
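The bug class described above, as an added C example that is not LibreOffice's code: the wrapping size computation next to a parser that bounds the count by the bytes actually present before allocating. The record layout, the 8-byte point size, the 32-bit multiplication width and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed, simplified record (not the real EMF+ layout or LibreOffice code):
 * u32 little-endian point count, then count * POINT_SIZE bytes of point data. */
#define POINT_SIZE 8u

static uint32_t read_u32le(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Flawed pattern: size computed in 32 bits (assumed width), so it can wrap. */
uint32_t unchecked_alloc_size(uint32_t count) {
    return count * POINT_SIZE;
}

/* Hardened pattern: bound the count by the bytes actually present before
 * allocating. Returns 0 on success, -1 on truncated or inconsistent input. */
int parse_blend_points(const uint8_t *buf, size_t len,
                       uint8_t **out, uint32_t *out_count) {
    if (len < 4) return -1;
    uint32_t count = read_u32le(buf);
    size_t remaining = len - 4;
    if (count > remaining / POINT_SIZE) return -1;   /* division cannot wrap */
    size_t bytes = (size_t)count * POINT_SIZE;       /* now <= remaining */
    uint8_t *pts = malloc(bytes ? bytes : 1);
    if (!pts) return -1;
    memcpy(pts, buf + 4, bytes);
    *out = pts;
    *out_count = count;
    return 0;
}

int main(void) {
    /* Constructed input: count 0x20000001 followed by only 16 payload bytes. */
    uint8_t rec[20] = {0x01, 0x00, 0x00, 0x20};
    uint8_t *pts = NULL;
    uint32_t n = 0;
    printf("wrapped size: %u bytes\n", (unsigned)unchecked_alloc_size(0x20000001u));
    printf("checked parse: %d\n", parse_blend_points(rec, sizeof rec, &pts, &n));
    return 0;
}
```

Comparing the count against `remaining / POINT_SIZE` rather than multiplying first is what keeps the check itself free of overflow.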
Defensive priority
MEDIUM
Recommended defensive actions
- Update LibreOffice to a fixed version.
- Be cautious when opening documents from untrusted sources that contain EMF+ graphics.
Evidence notes
The CVE record indicates that the vulnerability has a CVSS score of 5.4 and a severity of MEDIUM.
Official resources
- CVE-2026-6045 CVE record (CVE.org)
- CVE-2026-6045 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference
CVE-2026-6045 was published on 2026-06-15T18:16:37.007Z.