PT-2025-45522

🗓️ 07 Nov 2025 00:00:00Reported by Positive TechnologiesType

ptsecurity

ptsecurity🔗 dbugs.ptsecurity.com👁 1 Views

Calibre pre eight fourteen allows arbitrary file writes and code execution via FictionBook assets.

Reporter	Title	Published	Views	Family All 21
Circl	CVE-2025-64486	8 Nov 202500:01	–	circl
CNNVD	Calibre 安全漏洞	8 Nov 202500:00	–	cnnvd
CNVD	Calibre Input Validation Error Vulnerability (CNVD-2025-27923)	12 Nov 202500:00	–	cnvd
CVE	CVE-2025-64486	7 Nov 202523:25	–	cve
Cvelist	CVE-2025-64486 calibre is vulnerable to arbitrary code execution when opening FB2 files	7 Nov 202523:25	–	cvelist
Debian	[SECURITY] [DLA 4554-1] calibre security update	30 Apr 202611:51	–	debian
Debian CVE	CVE-2025-64486	7 Nov 202523:25	–	debiancve
Tenable Nessus	Debian dla-4554 : calibre - security update	30 Apr 202600:00	–	nessus
Tenable Nessus	Fedora 43 : calibre (2025-355be35bb1)	24 Nov 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2025-64486	9 Nov 202500:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-64486
t	www.t.me/pentestingnews/70767
github	www.github.com/kovidgoyal/calibre/commit/6f94bce214bf7d43c829804db3741afa5e83c0c5
twitter	www.twitter.com/offseq/status/1986947004346322995
github	www.github.com/kovidgoyal/calibre/security/advisories/GHSA-hpwq-c98h-xp8g
t	www.t.me/poxek/5663
t	www.t.me/CVEtracker/36831
twitter	www.twitter.com/0dayPublishing/status/1986941662950551836
osv	www.osv.dev/vulnerability/CVE-2025-64486
twitter	www.twitter.com/CVEnew/status/1986941676720411015

11 Nov 2025 00:00Current

7.5High risk

Vulners AI Score7.5

CVSS 49.3

EPSS0.00042

calibre vulnerability fictionbook assets arbitrary file write code execution pre eight fourteen