A micropatch is now available for a zero-day OpenOffice code execution vulnerability which can be triggered via automated macro execution following a mouseover event when viewing a maliciously crafted ODT document. The vulnerability has been fixed by The Document Foundation in the LibreOffice 6.0.7/6.1.3 release after receiving a report from security researcher Alex Inf..hr who discovered the issue. The bug is currently tracked as CVE-2018-16858 and received a CVSS3 Base Score of 7.8 from Red Hat.
Source: https://www.bleepingcomputer.com/news/security/openoffice-zero-day-code-execution-flaw-gets-free-micropatch/