We have a group of specialists that handle security, exactly as this is done for a company like Microsoft.
If you look at a database of vulnerabilities you will see that the number which affect LibreOffice is rather limited.
Only one of these statements can be true, which one is it, then ?
I just checked, the second statement is true.