HTTP response splitting in Calibre - CVE-2026-27810


Published: June 29, 2026


Vulnerability identifier: #VU135812
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-27810
CWE-ID: CWE-113
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Calibre
Affected software:
Calibre

Detailed vulnerability description

The vulnerability allows a remote user to inject arbitrary HTTP response headers.

The vulnerability exists due to improper neutralization of CRLF sequences in HTTP response headers in the calibre Content Server /get/ and /data-files/get/ endpoints when processing the content_disposition query parameter. A remote user can send a specially crafted request in which the parameter value contains CR and LF characters; these terminate the Content-Disposition header line and allow arbitrary HTTP response headers to be injected.

User interaction is not required for direct exploitation (the attacker needs only an authenticated session, per the CVSS PR:L rating). The issue can also be triggered by tricking an authenticated victim into opening a crafted link, in which case the injected headers are delivered to the victim's browser session.
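The following is an added illustration of the bug class described above, not calibre's own code. It models a response builder that copies the decoded content_disposition query value straight into the Content-Disposition header, shows how a percent-encoded CR LF splits the header section, and places a hardened builder beside it that allow-lists the disposition type, percent-encodes the filename (RFC 6266 / RFC 5987 filename*), and refuses control characters in every header value. The endpoint and parameter names come from the advisory; the URL path, the request shape and the injected header name are constructed for this example.

```python
# Added example (not calibre's code): CRLF injection into Content-Disposition
# from a query parameter, and a hardened builder that rejects it.
from urllib.parse import quote, urlsplit, parse_qs

CRLF = "\r\n"

# Constructed attacker URL: %0d%0a decodes to CR LF inside the parameter.
# The path and the injected header are hypothetical, chosen for illustration.
CRAFTED_URL = "/get/EPUB/1?content_disposition=attachment%0d%0aX-Injected:%20yes"


def disposition_from_url(url: str) -> str:
    """Decode the content_disposition query parameter the way a server would."""
    query = parse_qs(urlsplit(url).query)
    return query.get("content_disposition", ["inline"])[0]


def build_response_vulnerable(content_disposition: str, filename: str, body: bytes) -> bytes:
    """Hypothetical unsafe builder: the decoded query value is interpolated
    into the header line, so CR LF inside it ends that header early and the
    remainder of the value is parsed as further header fields."""
    lines = [
        "HTTP/1.1 200 OK",
        "Content-Type: application/octet-stream",
        f'Content-Disposition: {content_disposition}; filename="{filename}"',
        f"Content-Length: {len(body)}",
    ]
    return (CRLF.join(lines) + CRLF + CRLF).encode("latin-1", "replace") + body


def _header_line(name: str, value: str) -> str:
    """Last line of defence: refuse any value that could split the header
    section (CR, LF, NUL) instead of writing it to the wire."""
    if any(c in value for c in "\r\n\x00"):
        raise ValueError(f"control character in {name} header value")
    return f"{name}: {value}"


def build_response_hardened(content_disposition: str, filename: str, body: bytes) -> bytes:
    """Hardened builder: allow-list the disposition type (the only two values
    that make sense for a download endpoint), sanitise the legacy quoted
    filename to printable ASCII, and percent-encode the full name in the
    RFC 6266 filename* parameter so CR, LF, '"' and ';' become %XX."""
    if content_disposition not in ("inline", "attachment"):
        raise ValueError("content_disposition must be 'inline' or 'attachment'")
    ascii_name = "".join(
        c if 0x20 <= ord(c) < 0x7F and c not in '"\\' else "_" for c in filename
    )
    encoded = quote(filename, safe="")
    lines = [
        "HTTP/1.1 200 OK",
        _header_line("Content-Type", "application/octet-stream"),
        _header_line(
            "Content-Disposition",
            f'{content_disposition}; filename="{ascii_name}"; filename*=UTF-8\'\'{encoded}',
        ),
        _header_line("Content-Length", str(len(body))),
    ]
    return (CRLF.join(lines) + CRLF + CRLF).encode("ascii") + body


def hardened_rejects(content_disposition: str, filename: str) -> bool:
    """True if the hardened builder refuses the input rather than emitting it."""
    try:
        build_response_hardened(content_disposition, filename, b"")
    except ValueError:
        return True
    return False


def parse_headers(raw: bytes) -> dict:
    """Split a raw response into its header fields, as a client or proxy
    would; used here to show which fields actually reach the receiver."""
    head, _, _ = raw.partition(b"\r\n\r\n")
    fields = {}
    for line in head.decode("latin-1").split("\r\n")[1:]:
        name, _, value = line.partition(":")
        fields[name.strip()] = value.strip()
    return fields


if __name__ == "__main__":
    payload = disposition_from_url(CRAFTED_URL)
    print("vulnerable:", parse_headers(build_response_vulnerable(payload, "book.epub", b"x")))
    print("hardened rejects crafted disposition:", hardened_rejects(payload, "book.epub"))
    print("hardened:", parse_headers(build_response_hardened("attachment", "a\r\nX-Injected: yes.epub", b"x")))
```

Running the block prints the injected X-Injected field in the vulnerable response, shows the hardened builder rejecting the crafted disposition value outright, and shows that a filename carrying CR LF is neutralised rather than split into a new header. Rejecting at the allow-list is preferable to stripping, because an endpoint that only ever needs `inline` or `attachment` has no legitimate reason to accept anything else; the `_header_line` check exists so that a future code path cannot reintroduce the bug through a different parameter.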


How to mitigate CVE-2026-27810

Install the security update from the vendor's website. Until it is applied, a reverse proxy in front of the Content Server can be configured to reject requests whose content_disposition parameter contains %0d or %0a, and to refuse to forward a response whose header block has been split.

Sources