CVE-2025-6998 | Calibre Web/Autocaliweb 0.6.24 cps/string_helper.py strip_whitespaces Username redos

A vulnerability, which was classified as problematic, was found in Calibre Web and Autocaliweb 0.6.24. This affects the function strip_whitespaces of the file cps/string_helper.py. The manipulation of the argument Username leads to inefficient regular expression complexity.

This vulnerability is uniquely identified as CVE-2025-6998. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More