CVE-2025-64406

CVE-2025-64406: Apache OpenOffice: Possible memory corruption during CSV import

Vendor Apache Software Foundation

Product Apache OpenOffice

Weakness CWE-787

Published November 12, 2025

Last update November 12, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the issue.

Key dates

Disclosure timeline

November 12, 2025 CVE published

November 12, 2025 Record updated