Vulnerability in Collaboraonline Online

CVE-2025-24796

Collabora Online is a collaborative online office suite based on LibreOffice. Macro support is disabled by default in Collabora Online, but can be enabled by an administrator. Collabora Online typically hosts each document instance within…

EPSS: 0.001 (29.3th percentile) — read the EPSS interpretation.

Affected products

Collaboraonline Online — versions < 22.05.25, >= 23.05.1, < 23.05.19, >= 24.04.1.1, < 24.04.12.4

Weakness classification (CWE)

CWE-829 — Inclusion of Functionality from Untrusted Control Sphere

References

https://github.com/CollaboraOnline/online/security/advisories/GHSA-4jjq-vgqp-qw45 (x_refsource_CONFIRM)