ImageMagick: Code Injection via PostScript header in ps coders

The ps encoders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a malicious file and inject arbitrary PostScript code. When the resulting file is processed by a printer or a viewer like Ghostscript, the...

CVE-2026-25797

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...

CVE-2026-25797

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...

CVE-2026-25797

ImageMagick (affected: 7.1.2-15 and 6.9.13-40) contains two input-sanitization issues in the PostScript header written by the ps coders and in HTML escaping when writing to documents. The ps coders fail to sanitize input before inserting into the PostScript header, allowing an attacker to craft a...

Denial Of Service (DoS)

ASP.NET Core is vulnerable to a denial of service vulnerability. This is due to the way HTML Encoder processes unicode characters when performing encoding, which results in an exception...