CVE-2026-33205 in calibre정보

요약

\~에 의해 MITRE • 2026. 03. 27.

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a Server-Side Request Forgery vulnerability in the background-image endpoint of calibre e-book reader's web view allows an attacker to perform blind GET requests to arbitrary URLs and exfiltrate information out from the ebook sandbox. Version 9.6.0 patches the issue.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

GitHub M

예약하다

2026. 03. 18.

공개

2026. 03. 27.

모더레이션

수락

항목

VDB-353916

CPE

준비됨

CWE

CWE-918 (확인됨)

CVSS

6.3 (VulDB)

EPSS

0.00022

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-33205
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-33205
CVE Details	https://www.cvedetails.com/cve/CVE-2026-33205/

◂ 이전 개요 다음 ▸

Want to know what is going to be exploited?

We predict KEV entries!