{"url":"http://public2.vulnerablecode.io/api/packages/582437?format=json","purl":"pkg:deb/debian/calibre@8.16.2%2Bds%2B~0.10.5-3~bpo13%2B1","type":"deb","namespace":"debian","name":"calibre","version":"8.16.2+ds+~0.10.5-3~bpo13+1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97078?format=json","vulnerability_id":"VCID-2w1b-b6qm-4qhf","summary":"calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a Server-Side Request Forgery vulnerability in the background-image endpoint of calibre e-book reader's web view allows an attacker to perform blind GET requests to arbitrary URLs and exfiltrate information out from the ebook sandbox. Version 9.6.0 patches the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33205","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02154","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0216","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02155","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02172","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02151","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02136","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02107","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02119","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02207","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02184","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02175","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02784","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02793","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02767","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05381","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05385","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05396","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0538","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05379","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05373","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33205"},{"reference_url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-4926-v9px-wv7v","reference_id":"GHSA-4926-v9px-wv7v","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T18:57:50Z/"}],"url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-4926-v9px-wv7v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089403?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1089404?format=json","purl":"pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/582437?format=json","purl":"pkg:deb/debian/calibre@8.16.2%2Bds%2B~0.10.5-3~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.16.2%252Bds%252B~0.10.5-3~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/585348?format=json","purl":"pkg:deb/debian/calibre@9.6.0%2Bds%2B~0.10.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@9.6.0%252Bds%252B~0.10.5-1"}],"aliases":["CVE-2026-33205"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2w1b-b6qm-4qhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97030?format=json","vulnerability_id":"VCID-bjj5-ynf7-v7aa","summary":"calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal through PDB readers (both 132-byte and 202-byte header variants) that allow arbitrary file writes with arbitrary extension and arbitrary content anywhere the user has write permissions. Files are written in 'wb' mode, silently overwriting existing files. This can lead to potential code execution and Denial of Service through file corruption. This issue has been fixed in version 9.3.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26065","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11454","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11513","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.113","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11382","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11441","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11446","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11413","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11384","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11246","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11247","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11374","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11314","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11273","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13301","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14426","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1419","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1434","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14433","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14468","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14553","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14559","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14564","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26065"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26065","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26065"},{"reference_url":"https://github.com/kovidgoyal/calibre/commit/b6da1c3878c06eb1356cb0ec1106cb66e0e9bfb8","reference_id":"b6da1c3878c06eb1356cb0ec1106cb66e0e9bfb8","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T16:41:04Z/"}],"url":"https://github.com/kovidgoyal/calibre/commit/b6da1c3878c06eb1356cb0ec1106cb66e0e9bfb8"},{"reference_url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-vmfh-7mr7-pp2w","reference_id":"GHSA-vmfh-7mr7-pp2w","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T16:41:04Z/"}],"url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-vmfh-7mr7-pp2w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582435?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2w1b-b6qm-4qhf"},{"vulnerability":"VCID-bjj5-ynf7-v7aa"},{"vulnerability":"VCID-dywq-dzuv-wka2"},{"vulnerability":"VCID-hgmk-8s7s-tfdb"},{"vulnerability":"VCID-jwpx-aqjh-dqej"},{"vulnerability":"VCID-mqmp-g7uy-gbg4"},{"vulnerability":"VCID-nj3z-4ya4-bqf7"},{"vulnerability":"VCID-vq4p-dvg4-eudz"},{"vulnerability":"VCID-x63d-4kux-cqcu"},{"vulnerability":"VCID-zhz3-1799-a7hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1089403?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1089404?format=json","purl":"pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/582437?format=json","purl":"pkg:deb/debian/calibre@8.16.2%2Bds%2B~0.10.5-3~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.16.2%252Bds%252B~0.10.5-3~bpo13%252B1"}],"aliases":["CVE-2026-26065"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bjj5-ynf7-v7aa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97079?format=json","vulnerability_id":"VCID-dywq-dzuv-wka2","summary":"calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a path traversal vulnerability exists in Calibre' handling of images in Markdown and other similar text-based files allowing an attacker to include arbitrary files from the file system into the converted book. Additionally, missing authentication and server-side request forgery in the background-image endpoint in the ebook reader web view allow the files to be exfiltrated without additional interaction. Version 9.6.0 contains a fix.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33206","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01609","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01618","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01625","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01611","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01602","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01601","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01589","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01603","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01693","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01707","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01701","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01616","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02077","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02127","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0208","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04577","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04552","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04559","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04567","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0455","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33206"},{"reference_url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-h3p4-m74f-43g6","reference_id":"GHSA-h3p4-m74f-43g6","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T14:48:39Z/"}],"url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-h3p4-m74f-43g6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089403?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1089404?format=json","purl":"pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/582437?format=json","purl":"pkg:deb/debian/calibre@8.16.2%2Bds%2B~0.10.5-3~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.16.2%252Bds%252B~0.10.5-3~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/585348?format=json","purl":"pkg:deb/debian/calibre@9.6.0%2Bds%2B~0.10.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@9.6.0%252Bds%252B~0.10.5-1"}],"aliases":["CVE-2026-33206"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dywq-dzuv-wka2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97047?format=json","vulnerability_id":"VCID-hgmk-8s7s-tfdb","summary":"calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an unsanitized `content_disposition` query parameter in the `/get/` and `/data-files/get/` endpoints. All users running the calibre Content Server with authentication enabled are affected. The vulnerability is exploitable by any authenticated user and can also be triggered by tricking an authenticated victim into clicking a crafted link. Version 9.4.0 contains a fix for the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27810","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16461","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16346","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16283","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16303","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16338","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16231","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16228","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16186","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16059","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16523","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16319","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16404","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16463","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16448","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16409","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17584","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17583","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17547","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17663","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17672","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17486","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27810"},{"reference_url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-5fpj-fxw7-8grw","reference_id":"GHSA-5fpj-fxw7-8grw","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-02T12:53:21Z/"}],"url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-5fpj-fxw7-8grw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089403?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1089404?format=json","purl":"pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/582437?format=json","purl":"pkg:deb/debian/calibre@8.16.2%2Bds%2B~0.10.5-3~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.16.2%252Bds%252B~0.10.5-3~bpo13%252B1"}],"aliases":["CVE-2026-27810"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hgmk-8s7s-tfdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64674?format=json","vulnerability_id":"VCID-jwpx-aqjh-dqej","summary":"calibre: Calibre: Remote Code Execution via path traversal in CHM reader","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25635.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25635.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25635","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24132","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23986","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24043","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24087","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24069","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2417","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24023","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23956","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26254","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26229","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26194","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26119","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26115","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26064","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33072","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33097","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33177","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33204","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33211","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33053","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33121","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33161","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25635"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25635","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25635"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437936","reference_id":"2437936","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437936"},{"reference_url":"https://github.com/kovidgoyal/calibre/commit/9739232fcb029ac15dfe52ccd4fdb4a07ebb6ce9","reference_id":"9739232fcb029ac15dfe52ccd4fdb4a07ebb6ce9","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-09T15:20:48Z/"}],"url":"https://github.com/kovidgoyal/calibre/commit/9739232fcb029ac15dfe52ccd4fdb4a07ebb6ce9"},{"reference_url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-32vh-whvh-9fxr","reference_id":"GHSA-32vh-whvh-9fxr","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-09T15:20:48Z/"}],"url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-32vh-whvh-9fxr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582435?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2w1b-b6qm-4qhf"},{"vulnerability":"VCID-bjj5-ynf7-v7aa"},{"vulnerability":"VCID-dywq-dzuv-wka2"},{"vulnerability":"VCID-hgmk-8s7s-tfdb"},{"vulnerability":"VCID-jwpx-aqjh-dqej"},{"vulnerability":"VCID-mqmp-g7uy-gbg4"},{"vulnerability":"VCID-nj3z-4ya4-bqf7"},{"vulnerability":"VCID-vq4p-dvg4-eudz"},{"vulnerability":"VCID-x63d-4kux-cqcu"},{"vulnerability":"VCID-zhz3-1799-a7hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1089403?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1089404?format=json","purl":"pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/582437?format=json","purl":"pkg:deb/debian/calibre@8.16.2%2Bds%2B~0.10.5-3~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.16.2%252Bds%252B~0.10.5-3~bpo13%252B1"}],"aliases":["CVE-2026-25635"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jwpx-aqjh-dqej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64271?format=json","vulnerability_id":"VCID-mqmp-g7uy-gbg4","summary":"calibre: Calibre: Arbitrary file write via crafted RocketBook (.rb) file","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30853.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30853.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30853","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0217","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02151","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02194","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02154","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02176","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02171","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02172","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02672","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02664","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05207","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0753","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07515","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07513","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07263","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07271","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07243","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07254","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07408","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07479","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07462","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07478","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30853"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447437","reference_id":"2447437","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447437"},{"reference_url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-7mp7-rfrg-542x","reference_id":"GHSA-7mp7-rfrg-542x","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T19:42:19Z/"}],"url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-7mp7-rfrg-542x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089403?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1089404?format=json","purl":"pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/582437?format=json","purl":"pkg:deb/debian/calibre@8.16.2%2Bds%2B~0.10.5-3~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.16.2%252Bds%252B~0.10.5-3~bpo13%252B1"}],"aliases":["CVE-2026-30853"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqmp-g7uy-gbg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97049?format=json","vulnerability_id":"VCID-nj3z-4ya4-bqf7","summary":"calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both `remote_addr` and the `X-Forwarded-For` header. Since the `X-Forwarded-For` header is read directly from the HTTP request without any validation or trusted-proxy configuration, an attacker can bypass IP-based bans by simply changing or adding this header, rendering the brute-force protection completely ineffective. This is particularly dangerous for calibre servers exposed to the internet, where brute-force protection is the primary defense against credential stuffing and password guessing attacks. Version 9.4.0 contains a fix for the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27824","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0544","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05368","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05461","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05398","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05405","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07756","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07722","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07707","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07692","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07617","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07605","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.077","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07679","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07646","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07626","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08286","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08288","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08299","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08156","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08221","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08204","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08232","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27824"},{"reference_url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-vhxc-r7v8-2xrw","reference_id":"GHSA-vhxc-r7v8-2xrw","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-02T12:54:19Z/"}],"url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-vhxc-r7v8-2xrw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089403?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1089404?format=json","purl":"pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/582437?format=json","purl":"pkg:deb/debian/calibre@8.16.2%2Bds%2B~0.10.5-3~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.16.2%252Bds%252B~0.10.5-3~bpo13%252B1"}],"aliases":["CVE-2026-27824"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nj3z-4ya4-bqf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64675?format=json","vulnerability_id":"VCID-vq4p-dvg4-eudz","summary":"calibre: Calibre: Arbitrary file corruption via path traversal in EPUB conversion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25636.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25636.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25636","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06014","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06022","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06031","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06041","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05948","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05981","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06003","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05964","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07421","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07379","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07358","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07372","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07406","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07403","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07085","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07061","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07192","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07162","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07169","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07127","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07143","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07298","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25636"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25636","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25636"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437730","reference_id":"2437730","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437730"},{"reference_url":"https://github.com/kovidgoyal/calibre/commit/9484ea82c6ab226c18e6ca5aa000fa16de598726","reference_id":"9484ea82c6ab226c18e6ca5aa000fa16de598726","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:19:25Z/"}],"url":"https://github.com/kovidgoyal/calibre/commit/9484ea82c6ab226c18e6ca5aa000fa16de598726"},{"reference_url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-8r26-m7j5-hm29","reference_id":"GHSA-8r26-m7j5-hm29","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:19:25Z/"}],"url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-8r26-m7j5-hm29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582435?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2w1b-b6qm-4qhf"},{"vulnerability":"VCID-bjj5-ynf7-v7aa"},{"vulnerability":"VCID-dywq-dzuv-wka2"},{"vulnerability":"VCID-hgmk-8s7s-tfdb"},{"vulnerability":"VCID-jwpx-aqjh-dqej"},{"vulnerability":"VCID-mqmp-g7uy-gbg4"},{"vulnerability":"VCID-nj3z-4ya4-bqf7"},{"vulnerability":"VCID-vq4p-dvg4-eudz"},{"vulnerability":"VCID-x63d-4kux-cqcu"},{"vulnerability":"VCID-zhz3-1799-a7hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1089403?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1089404?format=json","purl":"pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/582437?format=json","purl":"pkg:deb/debian/calibre@8.16.2%2Bds%2B~0.10.5-3~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.16.2%252Bds%252B~0.10.5-3~bpo13%252B1"}],"aliases":["CVE-2026-25636"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vq4p-dvg4-eudz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97029?format=json","vulnerability_id":"VCID-x63d-4kux-cqcu","summary":"calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below contain a Path Traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows, this leads to Remote Code Execution by writing a payload to the Startup folder, which executes on next login. Function extract_pictures only checks startswith('Pictures'), and does not sanitize '..' sequences. calibre's own ZipFile.extractall() in utils/zipfile.py does sanitize '..' via _get_targetpath(), but extract_pictures() bypasses this by using manual zf.read() + open(). This issue has been fixed in version 9.3.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26064","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20787","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20846","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2056","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20636","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20698","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20718","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20675","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20622","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20608","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20605","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20596","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20482","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20479","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22867","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23944","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23848","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2393","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23999","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23963","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24051","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24084","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24081","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26064"},{"reference_url":"https://github.com/kovidgoyal/calibre/commit/e1b5f9b45a5e8fa96c136963ad9a1d35e6adac62","reference_id":"e1b5f9b45a5e8fa96c136963ad9a1d35e6adac62","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:29:11Z/"}],"url":"https://github.com/kovidgoyal/calibre/commit/e1b5f9b45a5e8fa96c136963ad9a1d35e6adac62"},{"reference_url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-72ch-3hqc-pgmp","reference_id":"GHSA-72ch-3hqc-pgmp","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:29:11Z/"}],"url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-72ch-3hqc-pgmp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582435?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2w1b-b6qm-4qhf"},{"vulnerability":"VCID-bjj5-ynf7-v7aa"},{"vulnerability":"VCID-dywq-dzuv-wka2"},{"vulnerability":"VCID-hgmk-8s7s-tfdb"},{"vulnerability":"VCID-jwpx-aqjh-dqej"},{"vulnerability":"VCID-mqmp-g7uy-gbg4"},{"vulnerability":"VCID-nj3z-4ya4-bqf7"},{"vulnerability":"VCID-vq4p-dvg4-eudz"},{"vulnerability":"VCID-x63d-4kux-cqcu"},{"vulnerability":"VCID-zhz3-1799-a7hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1089403?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1089404?format=json","purl":"pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/582437?format=json","purl":"pkg:deb/debian/calibre@8.16.2%2Bds%2B~0.10.5-3~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.16.2%252Bds%252B~0.10.5-3~bpo13%252B1"}],"aliases":["CVE-2026-26064"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x63d-4kux-cqcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64673?format=json","vulnerability_id":"VCID-zhz3-1799-a7hk","summary":"calibre: Calibre: Arbitrary Code Execution via malicious custom template file during ebook conversion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25731.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25731.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25731","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0124","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01166","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01177","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01247","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01251","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01257","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01246","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01242","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01239","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01238","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01248","published_at":"2026-05-14T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00895","published_at":"2026-04-13T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00907","published_at":"2026-04-04T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0091","published_at":"2026-04-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00913","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00898","published_at":"2026-04-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00893","published_at":"2026-04-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00905","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25731","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25731"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437917","reference_id":"2437917","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437917"},{"reference_url":"https://github.com/kovidgoyal/calibre/commit/f0649b27512e987b95fcab2e1e0a3bcdafc23379","reference_id":"f0649b27512e987b95fcab2e1e0a3bcdafc23379","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-02-06T21:01:31Z/"}],"url":"https://github.com/kovidgoyal/calibre/commit/f0649b27512e987b95fcab2e1e0a3bcdafc23379"},{"reference_url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-xrh9-w7qx-3gcc","reference_id":"GHSA-xrh9-w7qx-3gcc","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-02-06T21:01:31Z/"}],"url":"https://github.com/kovidgoyal/calibre/security/advisories/GHSA-xrh9-w7qx-3gcc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089403?format=json","purl":"pkg:deb/debian/calibre@6.13.0%2Brepack-2%2Bdeb12u6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@6.13.0%252Brepack-2%252Bdeb12u6"},{"url":"http://public2.vulnerablecode.io/api/packages/1089404?format=json","purl":"pkg:deb/debian/calibre@8.5.0%2Bds-1%2Bdeb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.5.0%252Bds-1%252Bdeb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/582437?format=json","purl":"pkg:deb/debian/calibre@8.16.2%2Bds%2B~0.10.5-3~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.16.2%252Bds%252B~0.10.5-3~bpo13%252B1"}],"aliases":["CVE-2026-25731"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhz3-1799-a7hk"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/calibre@8.16.2%252Bds%252B~0.10.5-3~bpo13%252B1"}