calibre-ebook

Top products

The 15 most recently published vulnerabilities affecting calibre-ebook.

• CVE-2026-33206calibre has a path traversal vulnerability6.3Mar 27, 2026
• CVE-2026-33205calibre has Server-Side Request Forgery in ebook viewer backend5.5Mar 27, 2026
• CVE-2026-30853calibre has a Path Traversal Leading to Arbitrary File Write5.0Mar 13, 2026
• CVE-2026-27824calibre has IP Ban Bypass via X-Forwarded-For Header Spoofing5.3Feb 27, 2026
• CVE-2026-27810calibre Vulnerable to HTTP Response Header Injection6.4Feb 27, 2026
• CVE-2026-26065calibre: Path Traversal can Lead to Arbitrary File Write and Potential Code Execution8.8Feb 20, 2026
• CVE-2026-26064calibre: Path Traversal Vulnerability Enables Arbitrary File Write and Remote Code Execution8.8Feb 20, 2026
• CVE-2026-25731Calibre Affected by Arbitrary Code Execution via Server-Side Template Injection in Calibre HTML Export7.8Feb 6, 2026
• CVE-2026-25635calibre has a Path Traversal Leading to Arbitrary File Write and Potential Code Execution8.6Feb 6, 2026
• CVE-2026-25636calibre has a Path Traversal Leading to Arbitrary File Corruption and Code Execution8.2Feb 6, 2026
• CVE-2024-7009Calibre SQL Injection4.2Aug 6, 2024
• CVE-2024-7008Calibre Reflected Cross-Site Scripting (XSS)5.4Aug 6, 2024
• CVE-2024-6781Calibre Arbitrary File Read7.5Aug 6, 2024
• CVE-2023-46303link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root.7.5Oct 22, 2023
• CVE-2021-44686calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.7.5Dec 6, 2021