NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-6047

Summary	LibreOffice can import documents in the OOXML format (DOCX). A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed past the end of the allocation. In fixed versions the type is checked before the write.
Publication Date	June 16, 2026, 3:16 a.m.
Registration Date	June 16, 2026, 4:12 a.m.
Last Update	June 16, 2026, 3:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.libreoffice.org/about-us/security/advisories/cve-2026-6047	security@documentfoundation.org

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-787	境界外書き込み	https://cwe.mitre.org/data/definitions/787.html
2	CWE-843	型の取り違え	https://cwe.mitre.org/data/definitions/843.html