CVE-2026-23623
Unknown Unknown - Not Provided
Unauthorized File Download Vulnerability in Collabora Online

Publication date: 2026-02-06

Last updated on: 2026-02-06

Assigner: GitHub, Inc.

Description
Collabora Online is a collaborative online office suite based on LibreOffice technology. Prior to Collabora Online Development Edition version 25.04.08.2 and prior to Collabora Online versions 23.05.20.1, 24.04.17.3, and 25.04.7.5, a user with view-only rights and no download privileges can obtain a local copy of a shared file. Although there are no corresponding buttons in the interface, pressing Ctrl+Shift+S initiates the file download process. This allows the user to bypass the access restrictions and leads to unauthorized data retrieval. This issue has been patched in Collabora Online Development Edition version 25.04.08.2 and Collabora Online versions 23.05.20.1, 24.04.17.3, and 25.04.7.5.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-06
Last Modified
2026-02-06
Generated
2026-06-16
AI Q&A
2026-02-06
EPSS Evaluated
2026-06-14
NVD
CVE-2026-23623
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
collabora online to 25.04.7.5 (exc)
collabora online_development_edition to 25.04.08.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-285 The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-23623 is an authorization bypass vulnerability in Collabora Online that allows users with view-only rights and no download privileges to download read-only files.

Although the user interface does not provide any download, save, or print buttons for such users, pressing the keyboard shortcut Ctrl+Shift+S in the Collabora Online web interface initiates the file download process.

This bypasses access restrictions and enables unauthorized local copies of shared files.

The issue affects Collabora Online versions prior to 25.04.7.5, 24.04.17.3, and 23.05.20.1, as well as Collabora Online Development Edition versions before 25.04.08.2.

Patched versions include 25.04.7.5, 24.04.17.3, 23.05.20.1, and 25.04.08.2 for the Development Edition.

Impact Analysis

[{'type': 'paragraph', 'content': 'This vulnerability allows unauthorized users with only view-only access to bypass restrictions and download local copies of shared files.'}, {'type': 'paragraph', 'content': 'The impact includes violation of access control policies and unauthorized distribution of confidential documents.'}, {'type': 'paragraph', 'content': 'It can lead to potential data leakage in corporate and regulated environments.'}, {'type': 'paragraph', 'content': 'Additionally, it creates a false sense of security for file owners who rely on "view only" restrictions to protect their documents.'}] [1]

Compliance Impact

This vulnerability can lead to unauthorized data retrieval and potential data leakage, which may violate access control policies required by regulations such as GDPR and HIPAA.

Unauthorized distribution of confidential documents could result in non-compliance with data protection and privacy standards.

Detection Guidance

This vulnerability involves a user with view-only rights bypassing access restrictions by pressing Ctrl+Shift+S in the Collabora Online web interface to download files. Detection would involve monitoring for unusual file download activities initiated by users who should not have download privileges.

Specifically, you can monitor web server logs or application logs for requests triggered by the Ctrl+Shift+S shortcut or related file download endpoints accessed by users with view-only permissions.

There are no explicit commands provided in the available resources to detect this vulnerability directly.

Mitigation Strategies

The immediate mitigation step is to upgrade Collabora Online to a patched version. The vulnerability is fixed in Collabora Online Development Edition version 25.04.08.2 and Collabora Online versions 23.05.20.1, 24.04.17.3, and 25.04.7.5.

Until the upgrade can be applied, consider restricting access to Collabora Online to trusted users only and monitoring for unauthorized download attempts.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23623. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart