CVE-2025-64402

Name of the Vulnerable Software and Affected Versions Apache OpenOffice versions through 4.1.15

Description Apache OpenOffice documents can contain links. A missing authorization check in Apache OpenOffice allowed an attacker to create a document that would load external links without user confirmation. Specifically, documents utilizing "OLE objects" linked to external files would load the contents of those files without prompting the user for permission.

Recommendations Upgrade to version 4.1.16 to resolve this issue.