QwikSec

Security Database

CVE

CWE

Training

CVE-2026-25636

Published: Feb 6, 2026

Modified: Feb 11, 2026

PUBLISHED

CVSS v3.1

8.2

HIGH

Description

calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to an absolute filesystem path and opens it in read-write mode, even when it points outside the conversion extraction directory. This vulnerability is fixed in 9.2.0.

Vendor	Product	Versions
kovidgoyal	calibre	affected `< 9.2.0`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

None

Integrity

High

Availability

High

References

https://github.com/kovidgoyal/calibre/security/advisories/GHSA-8r26-m7j5-hm29

x_refsource_CONFIRM

https://github.com/kovidgoyal/calibre/commit/9484ea82c6ab226c18e6ca5aa000fa16de598726

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.