39 matches found

OSV
added 2026/03/27 3:16 p.m. | 5 views

DEBIAN-CVE-2026-33206

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a path traversal vulnerability exists in Calibre's handling of images in Markdown and other similar text-based files allowing an attacker to include arbitrary files from the...

6.3 CVSS | 5.6 AI score | 0.00208 EPSS
Exploits: 1 | References: 1
CVE
added 2026/03/27 1:53 p.m. | 17 views

CVE-2026-33206

CVE-2026-33206 affects Calibre prior to 9.6.0. The vulnerability consists of a path traversal in Calibre’s handling of images in Markdown and similar text-based files, allowing an attacker to include arbitrary filesystem files into the converted book. Additionally, the background-image endpoint i...

8.2 CVSS | 5.9 AI score | 0.00208 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
CNNVD
added 2026/03/27 12:00 a.m. | 5 views

Calibre Code Issue Vulnerability

Calibre is an open-source, free tool developed by Kovid Goyal, a personal developer in India. It serves as a comprehensive e-book reading management and format conversion tool. Prior to Calibre 9.6.0, there were code-related vulnerabilities. These vulnerabilities stemmed from a server-side reques...

5.5 CVSS | 6 AI score | 0.00173 EPSS
Exploits: 1 | References: 1
Vulnrichment
added 2026/02/27 7:44 p.m. | 5 views

CVE-2026-27810 calibre Vulnerable to HTTP Response Header Injection

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

6.4 CVSS | 6 AI score | 0.00206 EPSS
Exploits: 1 | References: 1
CNNVD
added 2026/02/27 12:00 a.m. | 4 views

Calibre Injection Vulnerability

Calibre is an open-source, free tool developed by Kovid Goyal, a personal developer from India. It serves as a comprehensive e-book reading management and format conversion tool. Prior to Calibre 9.4.0, there was an injection vulnerability. This vulnerability stemmed from an HTTP response header...

6.4 CVSS | 5.9 AI score | 0.00206 EPSS
Exploits: 1 | References: 1
CNNVD
added 2026/02/27 12:00 a.m. | 5 views

Calibre Access Control Error Vulnerability

Calibre is an open-source, free tool developed by Kovid Goyal, a personal developer from India. It serves as a comprehensive e-book reading management and format conversion tool. Versions of Calibre prior to 9.4.0 contained an access control error vulnerability. This vulnerability stemmed from a...

5.3 CVSS | 5.8 AI score | 0.00148 EPSS
Exploits: 1 | References: 1
RedhatCVE
added 2026/02/20 11:32 a.m. | 5 views

CVE-2026-26065

A flaw was found in calibre. This path traversal vulnerability allows a local user to write arbitrary files with arbitrary content and extensions to any location where the user has write permissions. This occurs when processing specially crafted PDB (Program Database) e-book files. Successful...

9.3 CVSS | 6.3 AI score | 0.0052 EPSS
Exploits: 1 | References: 2
Tenable Nessus
added 2026/02/20 12:00 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-26064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below contain a Path Traversal...

9.3 CVSS | 6 AI score | 0.0088 EPSS
Exploits: 1 | References: 2
Tenable Nessus
added 2026/02/20 12:00 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-26065

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal...

9.3 CVSS | 6.3 AI score | 0.0052 EPSS
Exploits: 1 | References: 2
CNNVD
added 2026/02/20 12:00 a.m. | 6 views

Calibre Path Traversal Vulnerability

Calibre is an open-source, free tool developed by Kovid Goyal, a personal developer from India. It serves as a comprehensive e-book reading management and format conversion tool. Calibre versions 9.2.1 and earlier had a path traversal vulnerability. This vulnerability stemmed from a flaw in the...

9.3 CVSS | 6.3 AI score | 0.0088 EPSS
Exploits: 1 | References: 2
CNNVD
added 2026/02/20 12:00 a.m. | 6 views

Calibre Path Traversal Vulnerability

Calibre is an open-source, free tool developed by Kovid Goyal, a personal developer from India. It serves as a comprehensive e-book reading management and format conversion tool. Calibre versions 9.2.1 and earlier had a path traversal vulnerability. This vulnerability stemmed from a path traversa...

9.3 CVSS | 6 AI score | 0.0052 EPSS
Exploits: 1 | References: 2
OSV
added 2026/02/06 9:16 p.m. | 5 views

DEBIAN-CVE-2026-25636

calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...

7.8 CVSS | 5.5 AI score | 0.00209 EPSS
Exploits: 1 | References: 1
OSV
added 2026/02/06 9:16 p.m. | 3 views

UBUNTU-CVE-2026-25731

calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection (SSTI) vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an ebook using a malicious custom template file via the --template-html or --template-html-index...

7.8 CVSS | 6.4 AI score | 0.00241 EPSS
Exploits: 2 | References: 4
OSV
added 2026/02/06 8:14 p.m. | 7 views

CVE-2026-25731 Calibre Affected by Arbitrary Code Execution via Server-Side Template Injection in Calibre HTML Export

calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection (SSTI) vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an ebook using a malicious custom template file via the --template-html or --template-html-index...

7.8 CVSS | 6.2 AI score | 0.00241 EPSS
Exploits: 2 | References: 4
ATTACKERKB
added 2026/02/06 8:10 p.m. | 6 views

CVE-2026-25635

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven't tested on other OS's), this can lead to Remote Code Execution by writing a payload to the Startup...

8.6 CVSS | 5.7 AI score | 0.00438 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
OSV
added 2026/02/06 8:07 p.m. | 4 views

CVE-2026-25636 calibre has a Path Traversal Leading to Arbitrary File Corruption and Code Execution

calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...

8.2 CVSS | 5.6 AI score | 0.00209 EPSS
Exploits: 1 | References: 5
CNNVD
added 2026/02/06 12:00 a.m. | 5 views

Calibre Code Injection Vulnerability

Calibre is an open-source, free tool developed by Kovid Goyal, a personal developer from India. It serves as a comprehensive e-book reading management and format conversion tool. Versions of Calibre 9.1.0 and earlier had a code injection vulnerability. This vulnerability stemmed from path travers...

8.2 CVSS | 5.9 AI score | 0.00209 EPSS
Exploits: 1 | References: 3
CNNVD
added 2026/02/06 12:00 a.m. | 5 views

Calibre Path Traversal Vulnerability

Calibre is an open-source, free tool developed by Kovid Goyal, a personal developer in India. It serves as a comprehensive e-book reading management and format conversion tool. Prior to Calibre 9.2.0, there was a path traversal vulnerability. This vulnerability stemmed from the CHM reader’s...

8.6 CVSS | 6.3 AI score | 0.00438 EPSS
Exploits: 1 | References: 3
Positive Technologies
added 2026/02/06 12:00 a.m. | 4 views

PT-2026-6788

Name of the Vulnerable Software and Affected Versions: calibre versions 9.1.0 and earlier. Description: calibre is an e-book manager. A path traversal flaw exists in the EPUB conversion process. A crafted EPUB file can potentially corrupt existing files that the calibre process has write access to...

9.3 CVSS | 5.4 AI score | 0.0088 EPSS
Exploits: 11 | References: 28
VulnCheck KEV
added 2026/01/20 12:00 a.m. | 10 views

VulnCheck KEV: CVE-2024-6782

Improper access control in Calibre 6.9.0 ~ 7.14.0 allows unauthenticated attackers to achieve remote code execution...

9.8 CVSS | 6.1 AI score | 0.83393 EPSS
In wild | Exploits: 8 | References: 2