onlyoffice security advisories
2 threat alerts tracking vulnerabilities and security advisories that affect onlyoffice products.
Vulnios monitors onlyoffice CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent onlyoffice security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2023-30186 — onlyoffice — document_server
A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.
criticalCVE-2023-30186Critical Vulnerability: CVE-2023-30187 — onlyoffice — document_server
An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.
criticalCVE-2023-30187
Track onlyoffice exposure across your environment
Vulnios automatically cross-references your asset inventory against new onlyoffice CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan