@quozo Good point. I'm not sure how consistently Hancom discloses CVEs because I'm only seeing 18 CVEs here for all of Hancom's products, which I think is unrealistically low: https://nvd.nist.gov/vuln/search/results?form_type=Basic&results_type=overview&query=hancom&search_type=all&isCpeNameSearch=false

@nw true, looking at the types of CVEs disclosed so far I notice a lot are RCE or Heap exploits which would be more difficult to find with a product that’s had a longer lifetime like libreoffice. Not saying one is more secure than the other, or less prone to being targeted by a state actor, but being around for longer may make a good case.