Fixed version: 9.2.1
CVE-2026-25636 is a path traversal vulnerability in Calibre, the open-source e-book manager. A specially crafted EPUB file can make Calibre open, and therefore corrupt, arbitrary files writable by the Calibre process, leading to data loss or, depending on the account Calibre runs under, broader system compromise. Versions up to and including 9.2.0 are affected; the fix shipped in version 9.2.1.
The trigger is a malicious EPUB whose META-INF/encryption.xml carries a CipherReference URI that points outside the conversion directory. When Calibre converts the file, it resolves that URI without confining it to the extracted container and opens the resulting path in read-write mode, so the attacker can truncate or overwrite any file the Calibre user can write. The impact ranges from corruption of the Calibre library itself to broader compromise when Calibre runs with elevated privileges, and it is amplified on shared systems, where one user's conversion job can damage files other users depend on.
The vulnerability was publicly disclosed on 2026-02-06. No public proof-of-concept (PoC) had been released at the time of writing, but the nature of the flaw (a crafted file plus an ordinary conversion, with no memory corruption to win) suggests a low barrier to exploitation. It is not listed in the CISA KEV catalog. The EPSS score is 0.02% (6th percentile).
Anyone converting EPUBs with Calibre 9.2.0 or earlier is exposed, most of all users who import e-books from untrusted sources or run Calibre on shared systems. Users who rely on Calibre for managing sensitive documents should prioritize upgrading.
• windows / supply-chain: Watch the Calibre process for unusual file access with Process Monitor (filter on calibre.exe and ebook-convert.exe and look for CreateFile operations on paths outside the library and the temporary conversion directories). Check registry keys related to Calibre for unexpected modifications. To confirm which binary is actually running:
Get-Process calibre | Select-Object Path
• linux / server: List the files the running Calibre process holds open and look for handles outside its library and temp directories; examine system logs for file-access errors raised during EPUB conversion:
lsof -p $(pidof calibre)
• generic web: If EPUBs reach Calibre through its content server, review that server's access logs for uploads from unexpected sources; beyond that, inspect suspect EPUBs directly for CipherReference URIs that contain traversal sequences or URI schemes.
• database (mysql, redis, mongodb, postgresql): N/A - this vulnerability does not directly impact databases.
• wordpress / composer / npm: N/A - this vulnerability does not directly impact these components.
Disclosure
Exploitation status
EPSS: 0.02% (6th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-25636 is to upgrade Calibre to version 9.2.1 or later, which contains the fix; download it from the official Calibre website. If upgrading is not immediately feasible, do not convert EPUBs from untrusted sources, and keep Calibre running as an unprivileged user so that a malicious file can only reach that user's writable paths. Note that a file extension whitelist does not help here: the malicious file is a valid .epub, so the check has to look inside the container at the CipherReference URIs rather than at the extension. Monitor Calibre's file system access for unusual activity, particularly writes to unexpected locations. After upgrading, confirm the fix by converting a test EPUB whose CipherReference URI deliberately points outside the container; the patched version should reject the entry rather than open a file outside the conversion directory.
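As an added example (not Calibre's code and not part of this advisory), the Python script below builds a constructed test EPUB whose META-INF/encryption.xml carries CipherReference URIs with traversal sequences, shows how a naive path join escapes the conversion directory, and applies a hardened resolver that rejects such entries. It serves both the detection guidance above (triage incoming EPUBs before import) and the post-upgrade verification step (a fixture to feed a patched build). The extraction directory /tmp/calibre_conv, the fixture contents and the function names are assumptions for illustration; the script never opens or writes any file outside the in-memory zip.

```python
import io
import os
import posixpath
import zipfile
import xml.etree.ElementTree as ET

# Namespaces used by OCF encryption.xml: the container namespace for the root
# element and the XML Encryption namespace for EncryptedData/CipherReference.
ENC_NS = "http://www.w3.org/2001/04/xmlenc#"
OCF_NS = "urn:oasis:names:tc:opendocument:xmlns:container"


def build_test_epub(cipher_uris):
    """Build a minimal EPUB in memory (constructed fixture, not a real book) whose
    META-INF/encryption.xml lists one EncryptedData entry per CipherReference URI."""
    refs = "".join(
        f'<enc:EncryptedData><enc:CipherData><enc:CipherReference URI="{uri}"/>'
        "</enc:CipherData></enc:EncryptedData>"
        for uri in cipher_uris
    )
    encryption_xml = (
        f'<?xml version="1.0"?><encryption xmlns="{OCF_NS}" xmlns:enc="{ENC_NS}">'
        f"{refs}</encryption>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        # OCF requires the 'mimetype' entry first and stored uncompressed.
        z.writestr("mimetype", "application/epub+zip", compress_type=zipfile.ZIP_STORED)
        z.writestr("META-INF/container.xml", f'<?xml version="1.0"?><container xmlns="{OCF_NS}"/>')
        z.writestr("META-INF/encryption.xml", encryption_xml)
        z.writestr("OEBPS/chapter1.xhtml", "<html><body><p>hello</p></body></html>")
    return buf.getvalue()


def cipher_reference_uris(epub_bytes):
    """Return every CipherReference URI declared in the EPUB's encryption.xml."""
    with zipfile.ZipFile(io.BytesIO(epub_bytes)) as z:
        if "META-INF/encryption.xml" not in z.namelist():
            return []
        root = ET.fromstring(z.read("META-INF/encryption.xml"))
    return [el.get("URI", "") for el in root.iter(f"{{{ENC_NS}}}CipherReference")]


def naive_resolve(extract_dir, uri):
    """The unsafe pattern: join the untrusted URI onto the extraction directory and
    normalise. '../' segments and absolute paths walk out of the tree, and a caller
    that then opens the result read-write corrupts whatever file it lands on."""
    return posixpath.normpath(posixpath.join(extract_dir, uri))


def safe_resolve(extract_dir, uri):
    """Hardened resolver: refuse URI schemes, absolute paths, backslashes and any
    leftover '..' segment, then confirm the real path is still under the root."""
    if "://" in uri or uri.startswith("/") or "\\" in uri:
        raise ValueError(f"rejected CipherReference URI: {uri!r}")
    parts = posixpath.normpath(uri).split("/")
    if ".." in parts:
        raise ValueError(f"rejected CipherReference URI: {uri!r}")
    root = os.path.realpath(extract_dir)
    target = os.path.realpath(os.path.join(root, *parts))
    # commonpath also raises ValueError on Windows if drives differ, which is fine.
    if os.path.commonpath([root, target]) != root:
        raise ValueError(f"rejected CipherReference URI: {uri!r}")
    return target


def triage_epub(epub_bytes, extract_dir="/tmp/calibre_conv"):
    """Classify each CipherReference URI as 'ok' or 'TRAVERSAL'. extract_dir stands in
    for the conversion directory and is an assumption, not Calibre's real path."""
    verdicts = []
    for uri in cipher_reference_uris(epub_bytes):
        try:
            safe_resolve(extract_dir, uri)
            verdicts.append((uri, "ok"))
        except ValueError:
            verdicts.append((uri, "TRAVERSAL"))
    return verdicts


if __name__ == "__main__":
    sample = build_test_epub(["OEBPS/chapter1.xhtml", "../../../home/user/.bashrc", "/etc/passwd"])
    for uri, verdict in triage_epub(sample):
        print(f"{verdict:9} {uri!r:35} naive join -> {naive_resolve('/tmp/calibre_conv', uri)}")
```

Run triage_epub over every EPUB before it is imported and quarantine anything flagged TRAVERSAL; the same fixture, written to disk with the .epub extension, is what to hand a patched Calibre build when checking that the conversion now refuses the entry instead of opening a path outside the container.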
CVE-2026-25636 is a path traversal vulnerability in the Calibre e-book manager that lets a malicious EPUB corrupt arbitrary files writable by the Calibre process. It affects versions up to and including 9.2.0 and is fixed in 9.2.1.
Yes, if you are using Calibre version 9.2.0 or earlier, you are affected by this vulnerability.
Upgrade Calibre to version 9.2.1 or later to resolve this vulnerability. As an interim measure, avoid converting EPUBs from untrusted sources and run Calibre as an unprivileged user.
There are no confirmed reports of active exploitation at this time and the CVE is not in the CISA KEV catalog, but the low effort required (a crafted file and a routine conversion) makes exploitation plausible.
Refer to the Calibre project's official website and security advisories for the latest information: https://calibre-ebook.com/