QSearchQSearch

CVE-2026-8356

LibreOffice can import presentations in the legacy binary PPT format

Published: 2026-06-15 · Last updated: 2026-06-15

Severity and scoring

CWE
CWE-121, CWE-787

Description

LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the file, but the write position was not reset between the two passes over the record, so a file whose combined colour counts exceeded the table size wrote past the end of the tables on the stack. In fixed versions the unused second pass is no longer read into those tables.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-7273 A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allo... (8.8 HIGH)
  • CVE-2025-55660 A stack overflow in the gf_opus_read_length function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of... (5.5 MEDIUM)
  • CVE-2026-8358 LibreOffice Calc can import tracked changes from a spreadsheet document
  • CVE-2026-8357 LibreOffice Calc compiles cell formulas when opening a spreadsheet
  • CVE-2026-6047 LibreOffice can import documents in the OOXML format (DOCX)