CVE-2026-4430

UNKNOWN 0.0

Heap Buffer Overflow in AgileEngine

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7.

CWE	CWE-787
Vendor	the document foundation
Product	libreoffice
Published	May 7, 2026

Stay Ahead of the Next One

Get instant alerts for the document foundation libreoffice

Be the first to know when new unknown vulnerabilities affecting the document foundation libreoffice are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

The Document Foundation / LibreOffice

26.2 < 26.2.3 25.8 < 25.8.7

References

NVD ↗ CVE.org ↗ EPSS Data ↗

libreoffice.org: https://www.libreoffice.org/about-us/security/advisories/cve-2026-4430

Credits

Duc Anh Nguyen (@Danzation) Caolán McNamara <[email protected]>