Wiz
Vulnerability DatabaseCVE-2023-6186

CVE-2023-6186
NixOS vulnerability analysis and mitigation

Overview

CVE-2023-6186 is a security vulnerability discovered in The Document Foundation LibreOffice that allows attackers to execute built-in macros without warning. The vulnerability was disclosed on December 11, 2023, affecting LibreOffice versions 7.5.0 through 7.5.9 and 7.6.0 through 7.6.4. The issue stems from insufficient macro permission validation where hyperlinks with macro or similar built-in command targets can be executed when activated without warning the user (LibreOffice Advisory, NVD).

Technical details

The vulnerability exists in LibreOffice's hyperlink functionality. While LibreOffice supports common protocols like http/https, it also allows hyperlinks to have target URLs that can launch built-in macros or dispatch built-in internal commands. In affected versions, these non-typical hyperlinks could be executed without proper warning when activated by users. The vulnerability received a CVSS v3.1 base score of 8.8 (High) from NIST and 8.3 (High) from The Document Foundation (NVD).

Impact

The vulnerability could allow an attacker to execute arbitrary built-in macros without warning when a user activates a malicious hyperlink in a document. This could potentially lead to unauthorized command execution within the context of LibreOffice's built-in functionality (LibreOffice Advisory).

Mitigation and workarounds

The vulnerability has been fixed in LibreOffice versions 7.5.9 and 7.6.4. In the patched versions, the user's explicit macro execution permissions for the document are consulted before executing non-typical hyperlinks, and the ability to use these variants of hyperlink targets for floating frames has been removed. Users are recommended to upgrade to these versions or later to mitigate the vulnerability (LibreOffice Advisory, Debian Advisory).

Community reactions

Multiple Linux distributions have released security advisories and patches for this vulnerability, including Debian, Ubuntu, and Fedora. The vulnerability was discovered and reported by Reginaldo Silva of ubercomp.com, with Collabora Productivity providing the fix (Debian Advisory, LibreOffice Advisory).

Additional resources

SourceThis report was generated using AI

Related NixOS vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-69264CRITICAL9.8
  • JavaScriptJavaScript
  • pnpm
NoYesJan 07, 2026
CVE-2025-69263HIGH8.8
  • JavaScriptJavaScript
  • pnpm
NoYesJan 07, 2026
CVE-2025-69262HIGH7.8
  • JavaScriptJavaScript
  • pnpm
NoYesJan 07, 2026
CVE-2025-20807MEDIUM6.7
  • NixOSNixOS
  • android
NoNoJan 06, 2026
CVE-2026-21885MEDIUM6.5
  • NixOSNixOS
  • miniflux
NoYesJan 08, 2026

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo