LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments. This issue affects LibreOffice: from 24.8 before < 24.8.5, from 25.2 before < 25.2.1.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3390 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3408 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3548 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3549 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3550 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of libreoffice installed on the remote host is prior to 5.3.6.1-21. It is, therefore, affected by a vulnerability as referenced in the ALAS2LIBREOFFICE-2025-006 advisory.

    LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner     URL that when passed to LibreOffice could call internal macros with arbitrary arguments.This issue affects     LibreOffice: from 24.8 before < 24.8.5, from 25.2 before < 25.2.1. (CVE-2025-1080)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3408 advisory.

    [1:7.1.8.1-15.0.1]
    - Replace colors with Oracle colors [Orabug: 32120093]
    - Added the --with-hamcrest option to configure.

    [1:7.1.8.1-15]
    - Fix CVE-2025-1080 Filter out more unwanted command URIs

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3267 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3269 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3265 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3169 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-2868 advisory.

    - Fix CVE-2025-1080 Filter out more unwanted command URIs

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2868 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:2868 advisory.

    * libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a86f9189-fdd9-11ef-91ff-b42e991fc52e advisory.

    security@documentfoundation.org reports:
    LibreOffice supports Office URI Schemes to enable browser integration             of LibreOffice with MS SharePoint server.  An additional scheme             'vnd.libreoffice.command' specific to LibreOffice was             added.  In the affected versions of LibreOffice a link in a browser             using that scheme could be constructed with an embedded inner URL             that when passed to LibreOffice could call internal macros with             arbitrary arguments.  This issue affects LibreOffice: from 24.8             before < 24.8.5, from 25.2 before < 25.2.1.

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7337-1 advisory.

    It was discovered that LibreOffice incorrectly handled Office URI Schemes. If a user or automated system     were tricked into opening a specially crafted LibreOffice file, a remote attacker could possibly use this     issue to call internal macros.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LibreOffice installed on the remote host is prior to 24.8.5 or 25.2.1. It is, therefore, affected by a vulnerability as referenced in the cve-2025-1080 advisory.

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner     URL that when passed to LibreOffice could call internal macros with arbitrary arguments. This issue     affects LibreOffice: from 24.8 before < 24.8.5, from 25.2 before < 25.2.1. (CVE-2025-1080)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner     URL that when passed to LibreOffice could call internal macros with arbitrary arguments. This issue     affects LibreOffice: from 24.8 before < 24.8.5, from 25.2 before < 25.2.1. (CVE-2025-1080)

Note that Nessus relies on the presence of the package as reported by the vendor.

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5873 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-5873-1                   security@debian.org     https://www.debian.org/security/                     Salvatore Bonaccorso     March 04, 2025                        https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : libreoffice     CVE ID         : CVE-2025-1080

    Amel Bouziane-Leblond discovered that insufficient validation of     vnd.libreoffice.command URI schemes could result in the execution of     arbitrary macro commands.

    For the stable distribution (bookworm), this problem has been fixed in     version 4:7.4.7-1+deb12u7.

    We recommend that you upgrade your libreoffice packages.

    For the detailed security status of libreoffice please refer to its     security tracker page at:
    https://security-tracker.debian.org/tracker/libreoffice

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
233924	RHEL 7 : libreoffice (RHSA-2025:3390)	Nessus	Red Hat Local Security Checks	high
233922	RHEL 9 : libreoffice (RHSA-2025:3408)	Nessus	Red Hat Local Security Checks	high
233916	RHEL 9 : libreoffice (RHSA-2025:3548)	Nessus	Red Hat Local Security Checks	high
233902	RHEL 9 : libreoffice (RHSA-2025:3549)	Nessus	Red Hat Local Security Checks	high
233899	RHEL 9 : libreoffice (RHSA-2025:3550)	Nessus	Red Hat Local Security Checks	high
233708	Amazon Linux 2 : libreoffice (ALASLIBREOFFICE-2025-006)	Nessus	Amazon Linux Local Security Checks	high
233652	Oracle Linux 9 : libreoffice (ELSA-2025-3408)	Nessus	Oracle Linux Local Security Checks	high
233544	RHEL 8 : libreoffice (RHSA-2025:3267)	Nessus	Red Hat Local Security Checks	high
233519	RHEL 8 : libreoffice (RHSA-2025:3269)	Nessus	Red Hat Local Security Checks	high
233508	RHEL 8 : libreoffice (RHSA-2025:3265)	Nessus	Red Hat Local Security Checks	high
233502	RHEL 8 : libreoffice (RHSA-2025:3169)	Nessus	Red Hat Local Security Checks	high
232978	Oracle Linux 8 : libreoffice (ELSA-2025-2868)	Nessus	Oracle Linux Local Security Checks	high
232923	RHEL 8 : libreoffice (RHSA-2025:2868)	Nessus	Red Hat Local Security Checks	high
232858	AlmaLinux 8 : libreoffice (ALSA-2025:2868)	Nessus	Alma Linux Local Security Checks	high
232561	FreeBSD : libreoffice -- Macro URL arbitrary script execution (a86f9189-fdd9-11ef-91ff-b42e991fc52e)	Nessus	FreeBSD Local Security Checks	high
232550	Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : LibreOffice vulnerability (USN-7337-1)	Nessus	Ubuntu Local Security Checks	high
232288	LibreOffice 24.8.x < 24.8.5 / 25.2.x < 25.2.1 (cve-2025-1080)	Nessus	Misc.	critical
232168	Linux Distros Unpatched Vulnerability : CVE-2025-1080	Nessus	Misc.	high
229743	Debian dsa-5873 : fonts-opensymbol - security update	Nessus	Debian Local Security Checks	high

Detections

Analytics

CVE-2025-1080

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

critical

high

high