CVE Catalog
CVE-2026-27435
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk0.24%
15th percentile — higher than 15% of all known CVEs
Summary
Missing Authorization vulnerability in Woffice allows exploiting incorrectly configured access control security levels. This issue affects Woffice versions before 5.4.33.
Risk Assessment
An attacker can gain unauthorized access to functions or data, leading to confidentiality and integrity breaches.
Recommendation
Immediately update Woffice to version 5.4.33 or later.
Original NVD description (English source)
Missing Authorization vulnerability in WofficeIO Woffice allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Woffice: from n/a before 5.4.33.

