CVE-2026-27810

{"id": "CVE-2026-27810", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-27810", "role": "CISA Coordinator", "options": [{"exploitation": "poc"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-02T12:53:21.102653Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 3.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 3.1}]}, "affected": [{"source": "security-advisories@github.com", "affectedData": [{"vendor": "kovidgoyal", "product": "calibre", "versions": [{"status": "affected", "version": "< 9.4.0"}]}]}], "published": "2026-02-27T20:21:39.780", "references": [{"url": "https://github.com/kovidgoyal/calibre/security/advisories/GHSA-5fpj-fxw7-8grw", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-113"}]}], "descriptions": [{"lang": "en", "value": "calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an unsanitized `content_disposition` query parameter in the `/get/` and `/data-files/get/` endpoints. All users running the calibre Content Server with authentication enabled are affected. The vulnerability is exploitable by any authenticated user and can also be triggered by tricking an authenticated victim into clicking a crafted link. Version 9.4.0 contains a fix for the issue."}, {"lang": "es", "value": "calibre es un gestor de libros electr\u00f3nicos multiplataforma para ver, convertir, editar y catalogar libros electr\u00f3nicos. Antes de la versi\u00f3n 9.4.0, una vulnerabilidad de inyecci\u00f3n de encabezado de respuesta HTTP en el servidor de contenido de calibre permite a cualquier usuario autenticado inyectar encabezados HTTP arbitrarios en las respuestas del servidor a trav\u00e9s de un par\u00e1metro de consulta 'content_disposition' no saneado en los puntos finales '/get/' y '/data-files/get/'. Todos los usuarios que ejecutan el servidor de contenido de calibre con la autenticaci\u00f3n habilitada se ven afectados. La vulnerabilidad es explotable por cualquier usuario autenticado y tambi\u00e9n puede ser activada enga\u00f1ando a una v\u00edctima autenticada para que haga clic en un enlace manipulado. La versi\u00f3n 9.4.0 contiene una soluci\u00f3n para el problema."}], "lastModified": "2026-06-17T10:27:43.377", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:calibre-ebook:calibre:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3665E54E-5F8D-405A-BA97-8DD783962094", "versionEndExcluding": "9.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}