10 matches found
CVE-2026-0830
Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version...
EUVD-2026-1682
Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version...
CVE-2026-0830 Command Injection in Kiro GitLab Merge Request Helper
Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version...
CVE-2026-0830
CVE-2026-0830 affects Kiro IDE (pre-0.6.18). The vulnerability arises from processing specially crafted workspace folder names in the GitLab Merge Request helper, which can lead to arbitrary command injection on the user’s machine when opening malicious workspaces. Public sources (NVD, Red Hat, C...
Calibre-Web SQL Injection Vulnerability
Calibre-Web is a Web application for browsing, reading and downloading eBooks from the Calibre database. A SQL injection vulnerability exists in versions prior to Calibre-Web 0.6.18. The vulnerability stems from the application's lack of validation of externally entered SQL statements, which can be...
CVE-2022-30765
Calibre-Web before 0.6.18 allows user table SQL Injection...
Calibre-Web SQL Injection Vulnerability
Calibre-Web is a Web application for browsing, reading and downloading eBooks from the Calibre database. A SQL injection vulnerability exists in versions prior to Calibre-Web 0.6.18. The vulnerability stems from the application's lack of validation of externally entered SQL statements, which can be...
PT-2022-13575 · Unknown · Calibre-Web
Name of the Vulnerable Software and Affected Versions: calibre-web versions prior to 0.6.18. Description: The issue is related to Server-Side Request Forgery (SSRF) in the GitHub repository janeczku/calibre-web. SSRF is a type of attack where an attacker can trick a server into making requests to...
PT-2022-13540 · Unknown · Calibre-Web
Name of the Vulnerable Software and Affected Versions: calibre-web versions prior to 0.6.18. Description: The issue is related to Server-Side Request Forgery (SSRF) in the GitHub repository janeczku/calibre-web. SSRF is a type of attack where an attacker can trick a server into making requests to...
PT-2009-6117 · None · Libexif
Name of the Vulnerable Software and Affected Versions: libexif version 0.6.18. Description: The issue is related to a heap-based buffer overflow in the exif entry fix function, which can be triggered by an invalid EXIF image. This could lead to a denial of service or potentially allow the executio...