Summary Product Calibre Vendor Calibre Severity Critical - Unprivileged adversaries may exploit software vulnerabilities to perform remote code execution Affected Versions 6.9.0 ~ 7.14.0 (latest version as of writing) Tested Versions 7.14.0 CVE Identifier CVE-2024-6782 CVE Description Improper Access Control in Calibre Content Server allows remote code execution CWE Classification(s) CWE-863: Incorrect Authorization CAPEC Classification(s) CAPEC-253: Remote Code Inclusion CVSS3.
