Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, there was a heap buffer overflow vulnerability in the XBM image decoder ReadXBMImage. This vulnerability allowed attackers to write controlled data beyond the...

UBUNTU-CVE-2026-23874

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 fixes the issue...

CVE-2026-23876

CVE-2026-23876 – ImageMagick heap buffer overflow (ReadXBMImage) Affected software: ImageMagick versions prior to 7.1.2-13 and 6.9.13-38.Root cause: heap buffer overflow in the XBM image decoder during processing of crafted images.Impact: attacker can write data past the allocated heap buffer, po...

CVE-2026-23876 Heap buffer overflow with attacker-controlled data in XBM parser

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, a heap buffer overflow vulnerability in the XBM image decoder ReadXBMImage allows an attacker to write controlled data past the allocated heap buffer when...

CVE-2026-23874 ImageMagick's MSL: Stack overflow via infinite recursion in ProcessMSLScript

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL Magick Scripting Language command when writing to MSL format. Version 7.1.2-13 fixes the issue...

CVE-2026-22770 ImageMagick vulnerable to Release of Invalid Pointer in BilateralBlur when memory allocation fails

ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initialized. This will...

CVE-2026-22770 ImageMagick vulnerable to Release of Invalid Pointer in BilateralBlur when memory allocation fails

ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initialized. This will...

CVE-2026-22770

CVE-2026-22770 affects ImageMagick: in BilateralBlurImage, the last element of a double-buffer set isn’t properly initialized inside AcquireBilateralTLS, leading to an invalid pointer being freed in DestroyBilateralTLS when memory allocation fails. The issue is fixed in version 7.1.2-13. Connecte...