Description
An arbitrary file overwrite vulnerability in the file import process of Comic Book Reader v1.0.95 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information.
References (4)
Core 4
Core References
Various Sources
http://comic.com
Various Sources
https://android-tools.ru/
Various Sources
https://secsys.fudan.edu.cn/
Issue Tracking
https://github.com/Secsys-FDU/AF_CVEs/issues/12
Scores
CVSS v3
8.1
EPSS
0.0048
EPSS Percentile
37.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-22
Status
published
Published
Feb 04, 2026
Tracked Since
Feb 18, 2026