Is Windows affected by CVE-2026-25635?

Calibre versions prior to 9.2.0 contain a critical vulnerability in the CHM reader that enables attackers to write arbitrary files to systems where users have access permissions.

CVE-2026-25635

HIGH

2026-02-06 [email protected]

8.6

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Feb 17, 2026 - 21:27 vuln.today

Public exploit code

Patch Released

Feb 17, 2026 - 21:27 nvd

Patch available

CVE Published

Feb 06, 2026 - 21:16 nvd

HIGH 8.6

Description

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven't tested on other OS's), this can lead to Remote Code Execution by writing a payload to the Startup folder, which executes on next login. This vulnerability is fixed in 9.2.0.

Analysis

Remote code execution in Calibre prior to version 9.2.0 through a path traversal flaw in the CHM reader allows local attackers to write arbitrary files with user permissions, enabling payload execution via the Windows Startup folder. Public exploit code exists for this vulnerability. …

Remediation

Within 24 hours: Identify all systems running Calibre versions prior to 9.2.0 using asset inventory tools and disable CHM file handling if not business-critical. Within 7 days: Deploy Calibre 9.2.0 or later across all affected systems; prioritize user-facing and shared systems first. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.2

CVSS: +43

POC: +20

Vendor Status

CVE-2026-25635 vulnerability details – vuln.today

Back

CVE-2026-25635

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Vendor Status

Share

CVE-2026-25635

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Vendor Status

Share

External POC / Exploit Code