CVE-2026-23951 SumatraPDF's Integer Underflow in PalmDbReader Leads to Crash

SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting ...

CVE-2025-63365

SoftSea EPUB File Reader 1.0.0.0 is vulnerable to Directory Traversal. The vulnerability resides in the EPUB file processing component, specifically in the functionality responsible for extracting and handling EPUB archive contents...

The vulnerability of the Xreader software for viewing electronic documents lies in the incorrect restriction on the path name to the restricted access catalog, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Xreader software for viewing electronic documents is related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a hacker to execute arbitrary code by having the user open a specially crafted EPUB or CBT...

CVE-2017-14545

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .epub file, related to "Data from Faulting Address controls Branch Selection starting at STDUEPubFile!DllUnregisterServer+0x0000000000010332."...