RCE in Collaboraonline Online

CVE-2025-66208

Collabora Online - Built-in CODE Server (richdocumentscode) provides a built-in server with all of the document editing features of Collabora Online. In versions prior to 25.04.702, Collabora Online has a Configuration-Dependent RCE (OS Co…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.003 (55.1th percentile) — read the EPSS interpretation.