vulnerability

Apache OpenOffice: CVE-2025-64406: Possible memory corruption during CSV import.

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Nov 12, 2025	Nov 13, 2025	Nov 17, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Nov 12, 2025

Added

Nov 13, 2025

Modified

Nov 17, 2025

Description

An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas.

This issue affects Apache OpenOffice: through 4.1.15.

Users are recommended to upgrade to version 4.1.16, which fixes the issue.

Solution

apache-openoffice-upgrade-latest

References

CWE-787
CVE-2025-64406
https://attackerkb.com/topics/CVE-2025-64406
URL-https://www.openoffice.org/security/cves/CVE-2025-64406.html

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today