CVE-2026-25988

creationtimestamp| type| source ---|---|--- 2026-03-30 07:02:32+00:00| seen| https://infosec.exchange/users/certvde/statuses/116316841599408182...

CLSA-2026-1774351941 Fix CVE(s): CVE-2026-23952, CVE-2026-25970, CVE-2026-25988

SECURITY UPDATE: NULL pointer dereference in MSL parser - debian/patches/CVE-2026-23952.patch: add NULL check for image before DeleteImageProperty in comment and label tag handlers - CVE-2026-23952 SECURITY UPDATE: memory leak in MSL parser - debian/patches/CVE-2026-25988.patch: return stack inde...

ROOT-OS-DEBIAN-12-CVE-2026-25988 CVE-2026-25988 in rootio-imagemagick - Patched by Root

Root has patched CVE-2026-25988 in the rootio-imagemagick package for Root:Debian:12. Multiple fixed versions available...

[SECURITY] [DLA 4497-1] imagemagick security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4497-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès March 11, 2026 https://wiki.debian.org/LTS -...

Debian dsa-6159 : imagemagick - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6159 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6159-1 [email protected] https://www.debian.org/securit...

Linux Distros Unpatched Vulnerability : CVE-2026-25988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails t...

CVE-2026-25988

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks. Versions 7.1.2-15 and 6.9.13-4...

UBUNTU-CVE-2026-25988

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks. Versions 7.1.2-15 and 6.9.13-4...

CVE-2026-25988

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks. Versions 7.1.2-15 and 6.9.13-4...

CVE-2024-25988

In SAEMMDiscloseGuti of SAEMMRadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-25988

Missing Authorization vulnerability in Video Gallery by Total-Soft Video Gallery – YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Gallery – YouTube Gallery: from n/a through 1.7.6...

CVE-2020-25988

UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 P4410-V2–1.34H has an action 'XGetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent...

CVE-2025-25988

Cross Site Scripting vulnerability in hooskcms v.1.8 allows a remote attacker to cause a denial of service via the custom Link title parameter and the Title parameter...

CVE-2025-25988

Cross Site Scripting vulnerability in hooskcms v.1.8 allows a remote attacker to cause a denial of service via the custom Link title parameter and the Title parameter...

CVE-2025-25988

CVE-2025-25988 affects hooskcms v1.8 with a Cross Site Scripting vulnerability that can cause denial of service when a remote attacker manipulates the Link title parameter and the Title parameter. The issue is documented across multiple feeds (NVD/Red Hat/CIRCL/OSV) with no public patch details i...

CVE-2023-25988 WordPress Video Gallery – YouTube Gallery plugin <= 1.7.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Video Gallery by Total-Soft Video Gallery – YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Gallery – YouTube Gallery: from n/a through 1.7.6...

CVE-2023-25988

The CVE-2023-25988 entry is about WordPress Video Gallery – YouTube Gallery plugin (

CVE-2024-25988

creationtimestamp| type| source ---|---|--- 2024-03-11 20:26:56+00:00| seen| https://t.me/ctinow/205036...

CVE-2024-25988

CVE-2024-25988 describes an out-of-bounds read in the SAEMM_DiscloseGuti path of SAEMM_RadioMessageCodec.c, causing potential remote information disclosure without extra execution privileges. Affected component is related to Google/Pixel modem code; exploitation is described as requiring no user ...

WordPress Video Gallery – YouTube Gallery Plugin <= 1.7.6 is vulnerable to Broken Access Control

Software Video Gallery – YouTube Gallery Type Plugin Vulnerable versions = 1.7.6 Fixed in 1.7.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25988 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 1684686ddd67 Credits István Márt...