Lucene search
+L

359 matches found

nessus
nessus
added 2026/07/09 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53511

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre,...

8.5CVSS6.2AI score0.00197EPSS
Exploits0References3
nvd
nvd
added 2026/07/07 10:16 p.m.8 views

CVE-2026-55408

Koodo Reader is an ebook reader. In version 2.3.0 and earlier, Koodo Reader is vulnerable to remote code execution through malicious EPUB files because the open-book IPC handler enables nodeIntegrationInSubFrames and EPUB chapter content is rendered with unsanitized innerHTML. An attacker can cra...

8.4CVSS0.00188EPSS
Exploits0References1
nvd
nvd
added 2026/07/07 9:17 p.m.9 views

CVE-2026-53511

calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column definition with a python: template in calibre:usermetadata that is pass...

8.5CVSS0.00197EPSS
Exploits0References3
cvelist
cvelist
added 2026/07/07 9:2 p.m.26 views

CVE-2026-55408 Koodo Reader: Remote code execution via malicious epub file

Koodo Reader is an ebook reader. In version 2.3.0 and earlier, Koodo Reader is vulnerable to remote code execution through malicious EPUB files because the open-book IPC handler enables nodeIntegrationInSubFrames and EPUB chapter content is rendered with unsanitized innerHTML. An attacker can cra...

8.4CVSS0.00188EPSS
Exploits0References1
cve
cve
added 2026/07/07 9:2 p.m.11 views

CVE-2026-55408

Summary : CVE-2026-55408 affects Koodo Reader

8.4CVSS6.8AI score0.00188EPSS
Exploits0References1
osv
osv
added 2026/07/07 9:2 p.m.6 views

CVE-2026-55408 Koodo Reader: Remote code execution via malicious epub file

Koodo Reader is an ebook reader. In version 2.3.0 and earlier, Koodo Reader is vulnerable to remote code execution through malicious EPUB files because the open-book IPC handler enables nodeIntegrationInSubFrames and EPUB chapter content is rendered with unsanitized innerHTML. An attacker can cra...

8.4CVSS6.8AI score0.00188EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/07/07 9:2 p.m.7 views

CVE-2026-55408

Koodo Reader is an ebook reader. In version 2.3.0 and earlier, Koodo Reader is vulnerable to remote code execution through malicious EPUB files because the open-book IPC handler enables nodeIntegrationInSubFrames and EPUB chapter content is rendered with unsanitized innerHTML. An attacker can cra...

8.4CVSS6.8AI score0.00188EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/07/07 8:46 p.m.5 views

CVE-2026-53511

calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column definition with a python: template in calibre:usermetadata that is pass...

8.5CVSS6.2AI score0.00197EPSS
Exploits0References4Affected Software1
osv
osv
added 2026/07/07 8:46 p.m.11 views

CVE-2026-53511 calibre: Arbitrary Code Execution in Template Formatter via Book Metadata

calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column definition with a python: template in calibre:usermetadata that is pass...

8.5CVSS6.2AI score0.00197EPSS
Exploits0References5
nessus
nessus
added 2026/06/24 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2025-71382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of...

7.1CVSS6.1AI score0.00316EPSS
Exploits1References3
osv
osv
added 2026/06/23 6:17 p.m.2 views

DEBIAN-CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS5.8AI score0.00316EPSS
Exploits1References1
nvd
nvd
added 2026/06/23 6:17 p.m.6 views

CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS0.00316EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2026/06/23 5:21 p.m.4 views

CVE-2025-71382 MuPDF < 1.27.0-rc1 Stack Exhaustion DoS via EPUB CSS Rendering

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References4
attackerkb
attackerkb
added 2026/06/23 5:21 p.m.4 views

CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References5
euvd
euvd
added 2026/06/23 5:21 p.m.6 views

EUVD-2025-210322

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References4
osv
osv
added 2026/06/23 5:21 p.m.2 views

CVE-2025-71382 MuPDF < 1.27.0-rc1 Stack Exhaustion DoS via EPUB CSS Rendering

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References7
cvelist
cvelist
added 2026/06/23 5:21 p.m.37 views

CVE-2025-71382 MuPDF < 1.27.0-rc1 Stack Exhaustion DoS via EPUB CSS Rendering

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS0.00316EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2026/06/23 12:0 a.m.10 views

PT-2026-51571

Name of the Vulnerable Software and Affected Versions MuPDF versions prior to 1.27.0-rc1 Description The EPUB CSS rendering engine contains an uncontrolled recursion issue. A remote attacker can trigger a denial of service by providing a specially crafted EPUB file featuring inline CSS styles and...

7.1CVSS5.8AI score0.00316EPSS
Exploits1References7
redhatcve
redhatcve
added 2026/05/12 8:21 p.m.14 views

CVE-2026-42451

Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting XSS vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary JavaScript in a crafted EPUB file. When a victim opens the book, the script executes in their browser wi...

6.3CVSS5.7AI score0.00136EPSS
Exploits0References1
nvd
nvd
added 2026/05/08 11:16 p.m.12 views

CVE-2026-42451

Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting XSS vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary JavaScript in a crafted EPUB file. When a victim opens the book, the script executes in their browser wi...

6.3CVSS0.00136EPSS
Exploits0References2
Rows per page
Query Builder