Security Advisory

CVE-2026-33205

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-27 13:52:06

Last updated 2026-03-27 19:58:43

Assigner GitHub_M

State PUBLISHED

Description

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a Server-Side Request Forgery vulnerability in the background-image endpoint of calibre e-book readers web view allows an attacker to perform blind GET requests to arbitrary URLs and exfiltrate information out from the ebook sandbox. Version 9.6.0 patches the issue.

← Browse all CVEs View on cve.org ↗