CVE-2025-64403 – Apache OpenOffice: Remote documents loaded without prompt via “external data sources” in Calc

CVE ID : CVE-2025-64403

Published : Nov. 12, 2025, 9:15 a.m. | 16 minutes ago

Description : Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of “external data sources”. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links
to be loaded without prompt.

This issue affects Apache OpenOffice: through 4.1.15.

Users are recommended to upgrade to version 4.1.16, which fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…