calibre has a Path Traversal that can lead to arbitrary file corruption and code execution
Platform
other
Component
calibre
Fixed in
9.2.1
CVE-2026-25636 describes a Path Traversal vulnerability discovered in Calibre, an e-book manager. This flaw allows a specially crafted EPUB file to corrupt arbitrary files accessible to the Calibre process, potentially leading to data loss or system compromise. The vulnerability impacts versions of Calibre up to and including 9.2.0, and a fix is available in version 9.2.0.
Impact and Attack Scenarios
An attacker could exploit this vulnerability by crafting a malicious EPUB file. When Calibre attempts to convert this file, the vulnerability allows the attacker to specify an arbitrary file path outside of the intended conversion directory. Calibre then opens this file in read-write mode, enabling the attacker to overwrite or delete existing files. The potential impact ranges from data corruption within the Calibre library to broader system compromise if Calibre runs with elevated privileges. This is particularly concerning for users who manage sensitive e-books or use Calibre on shared systems.
Exploitation Context
This vulnerability was publicly disclosed on 2026-02-06. No public proof-of-concept (PoC) code has been released at the time of writing, but the vulnerability's nature suggests a relatively low barrier to exploitation. It is not currently listed on the CISA KEV catalog. The EPSS score is pending evaluation.
Who Is at Risk
Users who manage e-books with Calibre, particularly those who download e-books from untrusted sources or use Calibre on shared systems, are at risk. Individuals using older versions of Calibre (≤ 9.2.0) are especially vulnerable. Users who rely on Calibre for managing sensitive documents should prioritize upgrading.
Detection Steps
• windows / supply-chain: Monitor Calibre's process for unusual file access patterns using Process Monitor. Check registry keys related to Calibre for unexpected modifications.
Get-Process calibre | Select-Object Path
• linux / server: Monitor Calibre's process for file access using lsof. Examine system logs for errors related to file access during EPUB conversion.
lsof -p $(pidof calibre)
• generic web: Examine Calibre's access logs for requests containing suspicious file paths or URI schemes in the CipherReference URI.
• database (mysql, redis, mongodb, postgresql): N/A - this vulnerability does not directly impact databases.
• wordpress / composer / npm: N/A - this vulnerability does not directly impact these components.
Attack Timeline
- Disclosure
Threat Intelligence
Exploit Status
EPSS
0.02% (percentile 6%)
CISA SSVC
CVSS Vector
What do these metrics mean?
- Attack Vector
- Local: the attacker needs a local session or a shell on the system.
- Attack Complexity
- Low: no special conditions required. Reliably exploitable.
- Privileges Required
- None: unauthenticated. No credentials are required to exploit.
- User Interaction
- Required: the victim must open a file, click a link, or visit a page.
- Scope
- Changed: the attack can pivot beyond the vulnerable component.
- Confidentiality
- None: no impact on confidentiality.
- Integrity
- High: the attacker can write, modify, or delete all data.
- Availability
- High: complete outage or resource exhaustion. Total denial of service.
Affected Software
Weakness Classification (CWE)
Timeline
- Reserved
- Published
- Modified
- EPSS updated
Mitigation and Workarounds
The primary mitigation for CVE-2026-25636 is to upgrade Calibre to version 9.2.0 or later, which contains the fix. If upgrading is not immediately feasible, restrict the EPUB files accepted from untrusted sources and enforce a strict file extension whitelist so that unexpected file types are never processed. Monitor Calibre's file system access for unusual activity, particularly writes to locations outside the library and conversion directories. After upgrading, confirm the fix by attempting to convert a test EPUB file with a deliberately malformed CipherReference URI; the conversion should fail with an appropriate error message.
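As a defender-side check that complements the detection steps and the interim mitigation above, the following added example (not Calibre's own code) scans an EPUB's META-INF/encryption.xml and flags any CipherReference URI that is absolute, carries a URI scheme, or normalizes to a path outside the container. The sample EPUB it builds is constructed for the test and is not a real book.

```python
import io
import posixpath
import zipfile
import xml.etree.ElementTree as ET
from typing import List

# XML Encryption namespace used by EPUB OCF encryption.xml for CipherReference elements
ENC_NS = "http://www.w3.org/2001/04/xmlenc#"
CONTAINER_NS = "urn:oasis:names:tc:opendocument:xmlns:container"


def cipher_reference_uris(encryption_xml: bytes) -> List[str]:
    """Collect every CipherReference URI attribute in an encryption.xml document."""
    root = ET.fromstring(encryption_xml)
    return [el.get("URI", "") for el in root.iter(f"{{{ENC_NS}}}CipherReference")]


def is_unsafe_uri(uri: str) -> bool:
    """True if the URI could point outside the EPUB container root."""
    if not uri or uri.startswith(("/", "\\")):
        return True                       # absolute path
    if ":" in uri.split("/", 1)[0]:
        return True                       # scheme (file:, http:) or drive letter
    norm = posixpath.normpath(uri.replace("\\", "/"))
    return norm == ".." or norm.startswith("../")   # escapes container after normalization


def scan_epub(data: bytes) -> List[str]:
    """Return the CipherReference URIs in an EPUB (zip) that escape the container."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        if "META-INF/encryption.xml" not in zf.namelist():
            return []
        uris = cipher_reference_uris(zf.read("META-INF/encryption.xml"))
    return [u for u in uris if is_unsafe_uri(u)]


def build_sample_epub(uris: List[str]) -> bytes:
    """Constructed minimal container holding only encryption.xml, for testing the scanner."""
    entries = "".join(
        f'<enc:EncryptedData><enc:CipherData><enc:CipherReference URI="{u}"/>'
        f"</enc:CipherData></enc:EncryptedData>" for u in uris)
    enc = (f'<?xml version="1.0"?><encryption xmlns="{CONTAINER_NS}" '
           f'xmlns:enc="{ENC_NS}">{entries}</encryption>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("mimetype", "application/epub+zip")
        zf.writestr("META-INF/encryption.xml", enc)
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_epub(["OEBPS/fonts/a.otf", "../outside.txt"])
    print("flagged:", scan_epub(sample))   # prints: flagged: ['../outside.txt']
```

Running the scanner in a quarantine step before files reach an unpatched Calibre instance gives a concrete signal to act on, while the upgrade remains the real fix.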
How to fix
Update Calibre to version 9.2.0 or later. This update fixes the path traversal vulnerability that allows arbitrary file corruption and code execution. Download the latest version from the official Calibre website.
Frequently Asked Questions
What is CVE-2026-25636 — Path Traversal in Calibre?
CVE-2026-25636 is a Path Traversal vulnerability in the Calibre e-book manager that allows malicious EPUB files to corrupt files. It affects versions up to 9.2.0.
Am I affected by CVE-2026-25636 in Calibre?
Yes, if you are using Calibre version 9.2.0 or earlier, you are affected by this vulnerability.
How do I fix CVE-2026-25636 in Calibre?
Upgrade Calibre to version 9.2.0 or later to resolve this vulnerability. Consider restricting file types from untrusted sources as an interim measure.
Is CVE-2026-25636 being actively exploited?
There are no confirmed reports of active exploitation at this time, but the vulnerability's nature suggests a potential for exploitation.
Where can I find the official Calibre advisory for CVE-2026-25636?
Refer to the Calibre project's official website and security advisories for the latest information: https://calibre-ebook.com/