Security Advisory

CVE-2025-2866

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-27 19:04:52

Last updated 2025-11-03 19:46:42

Assigner Document Fdn.

State PUBLISHED

Description

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2.

← Browse all CVEs View on cve.org ↗