CVE-2018-7889

HIGH

Calibre <3.18 - RCE

Title source: llm

Description

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.

References (2)

[Exploit, Third Party Advisory] https://bugs.launchpad.net/calibre/+bug/1753870

[Patch] https://github.com/kovidgoyal/calibre/commit/aeb5b036a0bf657951756688b3c72bd68b6e4a7d

View Patch ZIP pw:eip

Scores

CVSS v3 7.8

EPSS 0.1088

EPSS Percentile 93.3%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-502

Status published

Affected Products (1)

calibre-ebook/calibre

Timeline

Published Mar 08, 2018

Tracked Since Feb 18, 2026