Lucene search
K

14699 matches found

RedhatCVE
RedhatCVE
added 2 days ago7 views

CVE-2026-61870

A flaw was found in ImageMagick. This vulnerability involves a memory leak within the VIFF encoder, a component responsible for handling image files. An attacker could exploit this by providing specially crafted VIFF images, which would trigger memory allocation failures. This action can exhaust...

2.9CVSS6AI score0.00104EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2 days ago6 views

CVE-2026-61858

A flaw was found in ImageMagick. This vulnerability allows attackers to bypass configured policy restrictions through the APNG Animated Portable Network Graphics encoding process. By exploiting missing validation checks in the APNG encoder and external delegates, an attacker can write files to...

4.8CVSS6AI score0.00133EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-61861

A flaw was found in ImageMagick. This use-after-free vulnerability exists in the FormatMagickCaption method. When memory allocation fails, an attacker can trigger a dangling pointer to reference freed memory. This could potentially lead to a denial of service or arbitrary code execution...

6.3CVSS6.2AI score0.00277EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2 days ago6 views

CVE-2026-61465

A flaw was found in ImageMagick. This vulnerability occurs because ImageMagick is missing a check for the allowed memory allocation limit during certain image processing operations, such as when using the -canny function. A remote attacker could provide a specially crafted image, causing the...

5.5CVSS6.1AI score0.00105EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-61857

A flaw was found in ImageMagick. This vulnerability allows a remote attacker to cause the application to crash. The issue stems from improper handling of XMP Extensible Metadata Platform profiles within image files. By crafting a malicious image with specially designed XMP data, an attacker can...

6.5CVSS6.1AI score0.00226EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago9 views

EUVD-2026-43189

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service...

2.9CVSS6.1AI score0.00104EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43188

ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution...

6.3CVSS6.2AI score0.00277EPSS
Exploits0References2
CVE
CVE
added 2 days ago11 views

CVE-2026-61870

CVE-2026-61870 concerns ImageMagick before 7.1.2-26, where a memory leak in the VIFF encoder occurs when memory allocation fails. Processing specially crafted VIFF images can exhaust memory and trigger denial of service. The connected documents provide the affected product/version and the underly...

2.9CVSS6.1AI score0.00104EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago6 views

CVE-2026-61858

ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external delegates due to missing validation checks. Attackers can write files to disallowed paths by bypassing configured policy restrictions through the APNG encoding process...

4.8CVSS6.1AI score0.00133EPSS
Exploits0
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-43187

ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external delegates due to missing validation checks. Attackers can write files to disallowed paths by bypassing configured policy restrictions through the APNG encoding process...

4.8CVSS6.1AI score0.00133EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago4 views

CVE-2026-61857

ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger the vulnerability and cause application crashes...

6.3CVSS6.1AI score0.00226EPSS
Exploits0
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-43185

ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of...

4.8CVSS6.1AI score0.00105EPSS
Exploits0References2
CVE
CVE
added 2 days ago10 views

CVE-2026-61857

ImageMagick prior to 7.1.2-26 contains a heap use-after-free vulnerability caused by a missing null check when parsing XMP profiles. Attackers can craft specially crafted XMP data in image files to trigger the issue, potentially causing application crashes. The CVE record and CVE list entries con...

6.3CVSS6.1AI score0.00226EPSS
Exploits0References2
CVE
CVE
added 2 days ago9 views

CVE-2026-56372

CVE-2026-56372 affects ImageMagick prior to 7.1.2-19. The vulnerability is a heap buffer overflow in the magnify operation caused by an unrecognized magnify:method value, which can lead to an out-of-bounds read. This may allow exposure of sensitive information or contribute to a denial of service...

4.8CVSS6.2AI score0.00116EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2 days ago3 views

ImageMagick-7.1.2.27-1.1 on GA media (moderate)

ImageMagick-7.1.2.27-1.1 on GA media Announcement ID: openSUSE-SU-2026:11228-1 Rating: moderate Cross-References: CVE-2026-53466 CVE-2026-53467 CVE-2026-55510 CVE-2026-55577 CVE-2026-55594 CVE-2026-55595 CVE-2026-55597 CVE-2026-55628 CVE-2026-56361 CVE-2026-56362 CVE-2026-56363 CVE-2026-56364...

6.9CVSS6.1AI score0.00284EPSS
Exploits1
NVD
NVD
added 3 days ago8 views

CVE-2026-56373

ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory...

6.3CVSS0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-56373 ImageMagick - Use-After-Free Write in PDB Decoder

ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory...

6.3CVSS0.00221EPSS
Exploits0References2
CVE
CVE
added 3 days ago7 views

CVE-2026-56373

ImageMagick (before 7.1.2-15) contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger crashes or write a single zero byte to freed memory by processing malicious PDB files. The issue is caused by a use-after-free in ...

6.3CVSS6.1AI score0.00221EPSS
Exploits0References2
CVE
CVE
added 3 days ago5 views

CVE-2026-56366

CVE-2026-56366 affects ImageMagick before 7.1.2-18. The vulnerability is a memory leak in the META reader when processing APP1JPEG input paths, which can be triggered by specially crafted APP1JPEG images and may lead to denial of service via resource exhaustion. Connected sources confirm the affe...

4.8CVSS6.1AI score0.00103EPSS
Exploits0References2
Debian CVE
Debian CVE
added 3 days ago5 views

CVE-2026-56366

ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion...

4.8CVSS6.1AI score0.00103EPSS
Exploits0
Rows per page
Query Builder