RCE in Koodo-reader
CVE-2026-55408
Koodo Reader is an ebook reader. In version 2.3.0 and earlier, Koodo Reader is vulnerable to remote code execution through malicious EPUB files because the open-book IPC handler enables nodeIntegrationInSubFrames and EPUB chapter content i…
Vulnerability class: RCE (Remote Code Execution)
Affected products
- Koodo-reader — versions < 2.3.1
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)