Question 1

What is CVE-2026-4430?

Accepted Answer

CVE-2026-4430 is a high-severity software vulnerability (Out-of-bounds write) with a CVSS score of 7.8. Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters.

This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7.

Question 2

Is CVE-2026-4430 being actively exploited?

Accepted Answer

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 0%.

Question 3

What products does CVE-2026-4430 affect?

Accepted Answer

Tracked products affected include LibreOffice. Check the version you run to see whether it is affected.

Question 4

How do I fix CVE-2026-4430?

Accepted Answer

Apply the vendor fix promptly. Upgrade affected products to a fixed version.

CVE-2026-4430

Summary

Impact & exploitability

Affected products we track (1)

Recommendation

Additional information