Security researcher Alex Inf..hr has discovered a severe remote code execution vulnerability in LibreOffice and Apache OpenOffice. The vulnerability could be triggered just by opening a maliciously-crafted ODT (OpenDocument Text) file. The attack relies on exploiting a directory traversal flaw, identified as CVE-2018-16858. LibreOffice fixed the issue by the end of that month with the release of LibreOffice 6.0.7/6.1.3, but OpenOffice still appears to be vulnerable.
Source: https://thehackernews.com/2019/02/hacking-libreoffice-openoffice.html