CVE-2026-33206

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a path traversal vulnerability exists in Calibre' handling of images in Markdown and other similar text-based files allowing an attacker to include arbitrary files from the...

PT-2026-28474

Name of the Vulnerable Software and Affected Versions calibre versions prior to 9.6.0 Description A path traversal issue exists in the handling of images within Markdown and similar text-based files, which allows an attacker to include arbitrary files from the file system into a converted book...

CVE-2025-11941 e107 CMS Avatar image.php path traversal

A vulnerability was detected in e107 CMS up to 2.3.3. This impacts an unknown function of the file /e107admin/image.php?mode=main&action=avatar of the component Avatar Handler. Performing manipulation of the argument multiaction results in path traversal. It is possible to initiate the attack...

Directory Traversal

Overview label-studio is a Label Studio annotation tool Affected versions of this package are vulnerable to Directory Traversal via the download function due to improper input validation when processing image references during task exports. . An attacker can access files outside the intended...