Logo
Retour à la veille

CVE-2026-6045

Publié : 15 juin 2026
Modifié : 15 juin 2026
Lien officiel NVD

Description détaillée

LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of gradient blend points was read from the file and used to compute an allocation size, but that multiplication could overflow, so a small buffer was allocated and then filled as if it were large, writing past its end. In fixed versions the blend-point count is checked against the data actually available before allocating.

Références et Patchs

https://www.libreoffice.org/about-us/security/advisories/cve-2026-6045

Dernières Vulnérabilités

CVE-2026-9691

Unauthenticated PHP Object Injection in Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 versions.

VOIR DÉTAILS

CVE-2026-52703

Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.

VOIR DÉTAILS

CVE-2026-52702

Unauthenticated Cross Site Scripting (XSS) in SEO Redirection <= 9.17 versions.

VOIR DÉTAILS