LibreOffice 25.2.4

LibreOffice ❘ Open Source ❘
iOS Windows Mac Linux
out of 32 votes ❘
Rank 1 among competitors

❓ Frequently Asked Questions and Known Security Issues

1. Has LibreOffice been associated with any known security vulnerabilities?

Yes, LibreOffice has had several documented security vulnerabilities over the years. One notable example is CVE-2025-1080, a critical vulnerability that allowed attackers to execute arbitrary scripts via manipulated macro URLs. This flaw was patched in versions 24.8.5 and 25.2.1.
More details →

Another significant vulnerability is CVE-2025-0514, which involved improper validation of non-file URLs interpreted as Windows file paths, potentially allowing attackers to execute malicious files on Windows systems. This issue was addressed in version 24.8.5.
More details →

2. What was the issue with macro signature validation in LibreOffice?

LibreOffice had a vulnerability (CVE-2022-26305) where it improperly validated macro signatures. Instead of thoroughly verifying the certificate, it only matched the serial number and issuer string, which could be spoofed by attackers to run untrusted macros. This issue was fixed in versions 7.2.7 and 7.3.1.
More details →

3. Were there any vulnerabilities related to password storage in LibreOffice?

Yes, two vulnerabilities, CVE-2022-26306 and CVE-2022-26307, were identified concerning the storage of passwords for web connections. The first involved the use of a static initialization vector, making it easier for attackers to recover passwords without knowing the master password. The second involved weak master keys due to poor encoding, reducing their entropy and making them susceptible to brute-force attacks. Both issues were addressed in versions 7.2.7 and 7.3.3.
More details →

4. Has LibreOffice addressed issues with digital signature verification?

Yes, CVE-2024-7788 highlighted a vulnerability where signatures in "repair mode" were improperly trusted, potentially allowing malicious documents to appear legitimate. This issue was fixed in versions 24.2.5 and 24.8.0.
More details →

5. Are there any known issues with hyperlink handling in LibreOffice?

Indeed, CVE-2025-0514 addressed a vulnerability where LibreOffice's hyperlink handling mechanism could be exploited to execute malicious files on Windows systems. This was due to improper validation of non-file URLs interpreted as Windows file paths. The flaw was patched in version 24.8.5.
More details →

Installations

23,562 users of UpdateStar had LibreOffice installed last month.

Alternatives

Latest Version
25.2.4

Secure and free downloads checked by UpdateStar

Stay up-to-date
with UpdateStar freeware.

Latest Reviews

	Necrosmith Diving into the Dark Arts: Necrosmith Offers a Unique Twist on Strategy Gaming
	The Outer Worlds: Spacer's Choice Edition Revitalizing a Classic: The Outer Worlds Gets a Fresh Makeover
	Avast Business CloudCare Simplify Your Cybersecurity Management with Avast Business CloudCare
	Potion Permit Potion Permit: An Enchanting Blend of Crafting and Community
	PcmSoft PcmSoft by hgl: A Time Capsule of Software Innovation
	Mocha TN5250 for Windows Mocha TN5250: Reliable and User-Friendly IBM i Access

Most Popular Downloads

	UpdateStar Premium Edition Keeping Your Software Updated Has Never Been Easier with UpdateStar Premium Edition!
	Microsoft Edge A New Standard in Web Browsing
	Google Chrome Fast and Versatile Web Browser
	Microsoft Visual C++ 2015 Redistributable Package Boost your system performance with Microsoft Visual C++ 2015 Redistributable Package!
	Microsoft Visual C++ 2010 Redistributable Essential Component for Running Visual C++ Applications
	Microsoft OneDrive Streamline Your File Management with Microsoft OneDrive