RCE in Koodo-reader

CVE-2026-55408

Koodo Reader is an ebook reader. In version 2.3.0 and earlier, Koodo Reader is vulnerable to remote code execution through malicious EPUB files because the open-book IPC handler enables nodeIntegrationInSubFrames and EPUB chapter content i…

Vulnerability class: RCE (Remote Code Execution)

Affected products

Weakness classification (CWE)

References