CVE-2026-53511 in calibre
Summary
by MITRE • 07/08/2026
calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column definition with a python: template in calibre:user_metadata that is passed unsanitized to exec() in the template formatter. This issue is fixed in version 9.10.0.
Once again VulDB remains the best source for vulnerability data.
Analysis
by VulDB Data Team • 07/08/2026
This vulnerability affects calibre, a popular e-book management application, where maliciously crafted EPUB, OPF, or PDF files can execute arbitrary Python code during metadata processing. The flaw exists in how calibre handles custom column definitions within user metadata, specifically when these definitions contain python: templates that are subsequently passed unsanitized to the exec() function within the template formatter. This creates a critical remote code execution vector that can be triggered through normal application operations such as adding books or editing book metadata. The vulnerability represents a classic code injection flaw where untrusted input flows directly into an execution context without proper sanitization or validation.
The technical implementation of this vulnerability stems from inadequate input validation within calibre's metadata processing pipeline. When users interact with the application through Add books or Edit books functionality, the software reads and processes metadata from potentially malicious files. The custom column definitions stored in calibre:user_metadata can contain python: template syntax that gets executed directly by the template formatter component. This pattern aligns with CWE-94, which describes "Improper Control of Generation of Code ('Code Injection')" where untrusted data is used to generate code without proper sanitization mechanisms.
The operational impact of this vulnerability extends beyond simple code execution, as it allows attackers to perform arbitrary actions on systems running affected versions of calibre. Since the exploitation occurs during routine metadata processing operations, legitimate users may inadvertently trigger the malicious code when importing or editing books in their library. This makes the attack surface particularly wide and difficult to defend against, as it doesn't require specialized knowledge of the application's internals beyond creating malicious documents. The vulnerability affects all versions prior to 9.10.0, making it a significant concern for users who have not updated their installations.
Security mitigations for this vulnerability involve updating to calibre version 9.10.0 or later, which implements proper input sanitization and validation for user metadata templates. Organizations should also implement additional defensive measures such as restricting file import operations to trusted sources only, implementing network-based restrictions on file type processing, and monitoring for unusual metadata processing activities. From an ATT&CK perspective, this vulnerability maps to T1059.006 for Python execution and T1203 for exploitation of remote code execution vulnerabilities in software applications. System administrators should consider implementing sandboxed environments for document processing operations and maintaining strict version control for calibre installations to prevent exploitation of this and similar vulnerabilities.
The fix implemented in version 9.10.0 addresses the root cause by sanitizing template inputs before they are passed to exec() functions, preventing malicious code from being executed during metadata processing. This represents a proper defense-in-depth approach that combines input validation with secure coding practices to prevent code injection attacks. Organizations should also conduct regular security assessments of their calibre installations and ensure that all users have the latest security patches applied to protect against similar vulnerabilities in other software components.