2 matches found
EUVD-2026-5597
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...
PT-2024-5838 · Calibre · Calibre
Name of the Vulnerable Software and Affected Versions: Calibre versions prior to 7.14.0 Description: The issue is related to path traversal in the software, allowing unauthenticated attackers to achieve arbitrary file read. This is due to incorrect restriction of the directory path name with...