CVE-2026-6045
MediumCVSS 5.4Exploitation Probability (EPSS)
Low risk2th percentile — higher than 2% of all known CVEs
Summary
LibreOffice has a heap buffer overflow vulnerability when importing EMF+ graphics, which can lead to memory corruption. The issue arises from incorrectly calculating the allocation size for a gradient, potentially resulting in improper memory allocation.
Risk Assessment
An attacker could exploit this vulnerability to execute malicious code or destabilize the application, posing a threat to the integrity and availability of the system.
Recommendation
It is recommended to update LibreOffice to the latest version where security patches have been implemented to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of gradient blend points was read from the file and used to compute an allocation size, but that multiplication could overflow, so a small buffer was allocated and then filled as if it were large, writing past its end. In fixed versions the blend-point count is checked against the data actually available before allocating.

