CVE-2026-33205 in calibreinformation

Résumé (Anglaise)

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a Server-Side Request Forgery vulnerability in the background-image endpoint of calibre e-book reader's web view allows an attacker to perform blind GET requests to arbitrary URLs and exfiltrate information out from the ebook sandbox. Version 9.6.0 patches the issue.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsable

GitHub_M

Réserver

18/03/2026

Divulgation

27/03/2026

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

IDVulnérabilitéCWEExpConCVE
353916kovidgoyal calibre background-image élévation de privilèges918Non définiCorrectif officielCVE-2026-33205

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

PrécédentAperçuSuivant

Might our Artificial Intelligence support you?

Check our Alexa App!