PatchSiren cyber security CVE debrief
CVE-2026-6047 The Document Foundation CVE debrief
CVE-2026-6047 is a medium-severity vulnerability in LibreOffice, a popular open-source office suite. The vulnerability is caused by a heap buffer overflow that occurs when replaying deferred parser events for a text box element in the OOXML format (DOCX).
- Vendor: The Document Foundation
- Product: LibreOffice
- CVSS: MEDIUM 5.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-15
- Original CVE updated: 2026-06-15
- Advisory published: 2026-06-15
- Advisory updated: 2026-06-15
Who should care
Users of LibreOffice, especially those who handle DOCX files, should be aware of this vulnerability. The vulnerability has a CVSS score of 5.4 and is considered medium-severity.
Technical summary
The vulnerability is caused by a heap buffer overflow that occurs when replaying deferred parser events for a text box element in the OOXML format (DOCX). A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed past the end of the allocation. In fixed versions, the type is checked before the write.
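The bug class described above, shown as an added C++ example that is not LibreOffice code: a write through an assumed type next to the same write guarded by a type check. The class and function names (Handler, PlainHandler, TextBoxHandler, replayUnchecked, replayChecked) are hypothetical.

```cpp
#include <cstddef>

// Hypothetical handler hierarchy; names are illustrative, not LibreOffice's.
struct Handler {
    virtual ~Handler() = default;
};

// Smaller handler type: has no text box state at all.
struct PlainHandler : Handler {};

// Larger handler type: owns the field that the replay step writes.
struct TextBoxHandler : Handler {
    int pendingEvents[16] = {};
    int replayed = 0;
};

// "Before" pattern: assumes every handler is a TextBoxHandler. If h is
// really a PlainHandler, 'replayed' lies past the end of that smaller
// allocation, so the store is an out-of-bounds write. Shown for contrast
// only; it is never called in this example.
void replayUnchecked(Handler* h, int n) {
    static_cast<TextBoxHandler*>(h)->replayed = n;
}

// "After" pattern: confirm the dynamic type first and refuse on mismatch.
bool replayChecked(Handler* h, int n) {
    TextBoxHandler* tb = dynamic_cast<TextBoxHandler*>(h);
    if (tb == nullptr) {
        return false;  // wrong handler type: no write happens
    }
    tb->replayed = n;
    return true;
}

// The size gap is what turns the wrong assumption into an overflow.
std::size_t sizeGap() {
    return sizeof(TextBoxHandler) - sizeof(PlainHandler);
}

int main() {
    PlainHandler small;
    TextBoxHandler box;
    bool refused = !replayChecked(&small, 1);   // type mismatch is rejected
    bool written = replayChecked(&box, 1);      // correct type is written
    return (refused && written && box.replayed == 1) ? 0 : 1;
}
```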
Defensive priority
Medium
Recommended defensive actions
- Update LibreOffice to the latest version.
- Be cautious when opening DOCX files from untrusted sources.
Evidence notes
The CVE record was obtained from the official CVE website [cve-org]. The vulnerability details were obtained from the NVD database [nvd]. The vendor information was obtained from the LibreOffice security advisory [ref-4].
Official resources
- CVE-2026-6047 CVE record (CVE.org)
- CVE-2026-6047 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference
CVE-2026-6047 was published on 2026-06-15T18:16:37.127Z and has not been modified since then.