CVE-2026-23623
Unauthorized File Download Vulnerability in Collabora Online
Publication date: 2026-02-06
Last updated on: 2026-02-06
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| collabora | online | up to 25.04.7.5 (exclusive) |
| collabora | online_development_edition | up to 25.04.08.2 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-23623 is an authorization bypass vulnerability in Collabora Online that allows users with view-only rights and no download privileges to download read-only files.
Although the user interface does not provide any download, save, or print buttons for such users, pressing the keyboard shortcut Ctrl+Shift+S in the Collabora Online web interface initiates the file download process.
This bypasses access restrictions and enables unauthorized local copies of shared files.
The issue affects Collabora Online versions prior to 25.04.7.5, 24.04.17.3, and 23.05.20.1, as well as Collabora Online Development Edition versions before 25.04.08.2.
Patched versions include 25.04.7.5, 24.04.17.3, 23.05.20.1, and 25.04.08.2 for the Development Edition.
How can this vulnerability impact me?
This vulnerability allows unauthorized users with only view-only access to bypass restrictions and download local copies of shared files.
The impact includes violation of access control policies and unauthorized distribution of confidential documents.
It can lead to potential data leakage in corporate and regulated environments.
Additionally, it creates a false sense of security for file owners who rely on "view only" restrictions to protect their documents.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability can lead to unauthorized data retrieval and potential data leakage, which may violate access control policies required by regulations such as GDPR and HIPAA.
Unauthorized distribution of confidential documents could result in non-compliance with data protection and privacy standards.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves a user with view-only rights bypassing access restrictions by pressing Ctrl+Shift+S in the Collabora Online web interface to download files. Detection therefore means looking for file download activity initiated by users who should not have download privileges.
Specifically, monitor web server or application logs for requests to the file download endpoints coming from users or sessions that hold only view permissions. The keystroke itself never reaches the server; the shortcut issues the same server-side download request that the hidden UI button would, so that request is what the logs show.
There are no explicit commands provided in the available resources to detect this vulnerability directly.
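As an added example (not from the advisory or the Collabora project), the following script performs the log check described above on constructed access-log lines: the `/download/` endpoint path, the user names and the permission table are assumptions, since the page does not give Collabora's endpoint or log format.

```python
import re
from typing import NamedTuple

# Constructed sample: access log of a reverse proxy in front of Collabora
# Online, Apache "combined"-style, with the authenticated user in the
# third field. User names, file names and the /download/ path are
# placeholders made up for this example, not Collabora's real endpoint;
# set DOWNLOAD_PATH to the path your deployment serves downloads from.
SAMPLE_LOG = """\
10.0.0.5 - alice [06/Feb/2026:10:01:02 +0000] "GET /browser/dist/cool.html HTTP/1.1" 200 5120
10.0.0.5 - alice [06/Feb/2026:10:01:09 +0000] "GET /download/placeholder/report.docx HTTP/1.1" 200 88211
10.0.0.7 - bob [06/Feb/2026:10:02:30 +0000] "GET /download/placeholder/budget.xlsx HTTP/1.1" 200 40960
10.0.0.9 - carol [06/Feb/2026:10:03:11 +0000] "GET /download/placeholder/budget.xlsx HTTP/1.1" 403 199
"""

# Constructed permission table: what each user was granted on the share.
# A patched server refuses the request (carol, 403); on a vulnerable one
# the same request succeeds (alice, 200), which is what we want to flag.
PERMISSIONS = {
    "alice": {"view"},
    "bob": {"view", "download"},
    "carol": {"view"},
}

DOWNLOAD_PATH = re.compile(r"^/download/")  # placeholder endpoint pattern
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

class Finding(NamedTuple):
    user: str
    path: str
    timestamp: str

def find_unauthorized_downloads(log_text, permissions):
    """Return successful download requests made by users without the
    'download' grant. Requests the server already refused (non-2xx)
    are not findings: there the authorization check held."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m or not DOWNLOAD_PATH.match(m["path"]):
            continue
        if not m["status"].startswith("2"):
            continue  # refused or failed: nothing was handed out
        if "download" not in permissions.get(m["user"], set()):
            findings.append(Finding(m["user"], m["path"], m["ts"]))
    return findings

if __name__ == "__main__":
    for f in find_unauthorized_downloads(SAMPLE_LOG, PERMISSIONS):
        print(f"{f.timestamp} {f.user} downloaded {f.path} without download rights")
```

In a real deployment the permission table would be pulled from the file-sharing platform that issues the WOPI access tokens, since Collabora itself only relays the rights it is told about.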
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade Collabora Online to a patched version. The vulnerability is fixed in Collabora Online Development Edition version 25.04.08.2 and Collabora Online versions 23.05.20.1, 24.04.17.3, and 25.04.7.5.
Until the upgrade can be applied, consider restricting access to Collabora Online to trusted users only and monitoring for unauthorized download attempts.