NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-6040

Summary	A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed versions the position is bounds-checked before use.
Publication Date	June 16, 2026, 3:16 a.m.
Registration Date	June 16, 2026, 4:12 a.m.
Last Update	June 16, 2026, 3:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.libreoffice.org/about-us/security/advisories/cve-2026-6040	security@documentfoundation.org

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-416	解放済みメモリの使用	https://cwe.mitre.org/data/definitions/416.html
2	CWE-787	境界外書き込み	https://cwe.mitre.org/data/definitions/787.html