PT-2026-49268 · Document Foundation · Libreoffice

Anthropic

Published

2026-06-15

Updated

2026-06-15

CVE-2026-8358

CVSS v4.0

6.9

Medium

Vector

AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions LibreOffice Calc (affected versions not specified)

Description A heap buffer overflow occurs during the import of tracked changes from a spreadsheet document. This happens when a document reuses the same change identifier for two different types of changes, causing the importer to treat a change object as a larger type and write data beyond the allocated memory boundary.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Type Confusion

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-843CWE-787

Related Identifiers

CVE-2026-8358

Affected Products

Libreoffice

PT-2026-49268 · Document Foundation · Libreoffice

CVE-2026-8358

Weakness Enumeration

Related Identifiers

Affected Products

References · 3