CVE-2025-29867

216.73.216.233

· Published 04/02/2026 05:16 · Modified 04/02/2026 16:33

Labels: CVE-2025-29867 2026-02-04 CVE-2025-29867 CWE-843 [email protected]

Essential information

Published: 04/02/2026 05:16
Modified: 04/02/2026 16:33
Author: —
Creator: —
CVSS: 8.5 HIGH (v3) 8.5 HIGH (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Hancom Inc. Hancom Office 2018, Hancom Inc. Hancom Office 2020, Hancom Inc. Hancom Office 2022, Hancom Inc. Hancom Office 2024 allows File Content Injection.This issue affects Hancom Office 2018: before 10.0.0.12681; Hancom Office 2020: before 11.0.0.8916; Hancom Office 2022: before 12.0.0.4426; Hancom Office 2024: before 13.0.0.3050.

NVD status

Status: Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
hancom / hancom office	`cpe:2.3:a:hancom:hancom_office:10.0.0-10.0.0.12680:::::::*`
hancom / hancom office	`cpe:2.3:a:hancom:hancom_office:11.0.0-11.0.0.8915:::::::*`
hancom / hancom office	`cpe:2.3:a:hancom:hancom_office:12.0.0-12.0.0.4425:::::::*`
hancom / hancom office	`cpe:2.3:a:hancom:hancom_office:13.0.0-13.0.0.3049:::::::*`