Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7.CreditsDuc Anh Nguyen (@Danzation)Caolán McNamara <caolan.mcnamara@collabora.com>Referenceshttps://www.libreoffice.org/about-us/security/advisories/cve-2026-4430
