virus logo Endpoint Vulnerability

LibreOffice CVE-2025-0514 Validation Bypass Vulnerability

description-logoDescription

Improper input validation in LibreOffice 24.8 (up to 24.8.4) allows unconditionally executing Windows executable hyperlink targets when activated.

description-logoOutbreak Alert

FortiGuard Labs has observed significant level of exploitation attempts targeting the new PHP vulnerability. The TellYouThePass ransomware gang has been leveraging CVE-2024-4577, a remote code execution vulnerability in PHP to deliver web shells and deploy ransomware on targeted systems.

View the full Outbreak Alert Report

affected-products-logoAffected Applications

LibreOffice

Version Updates

Date Version Status Detail
2025-03-05 1.00824
New
 LibreOffice
2024-12-05 1.00785
Modified
 PHP
2024-06-10 1.00688
New
 PHP

References

https://www.libreoffice.org/about-us/security/advisories/cve-2025-0514
ID 5692
Created Jun 10, 2024
Description
Updated		 Jan 16, 2026
CVE ID
Tags PHP RCE Attack
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor LibreOffice
Patch manual
Application LibreOffice