CVE-2025-1080: Macro URL arbitrary script execution

7.2 CVSS

Description

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme, 'vnd.libreoffice.command', specific to LibreOffice, was added. In the affected versions of LibreOffice, a link in a browser using that scheme could be constructed with an embedded inner URL that, when passed to LibreOffice, could call internal macros with arbitrary arguments.
This issue affects LibreOffice from 24.8 before 24.8.5 and from 25.2 before 25.2.1.

Classification

CVE ID: CVE-2025-1080

CVSS Base Severity: HIGH

CVSS Base Score: 7.2

CVSS Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H

Problem Types

CWE-20 Improper Input Validation

Affected Products

Vendor: The Document Foundation

Product: LibreOffice

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 12.68% (share of scored vulnerabilities with an equal or lower score)

EPSS Date: 2025-04-02 (when this score was calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: none

SSVC Technical Impact: total

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2025-1080
https://www.libreoffice.org/about-us/security/advisories/cve-2025-1080

Timeline