Lucene search
K

3245 matches found

NVD
NVD
added yesterday6 views

CVE-2026-56366

ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion...

4.8CVSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2 days ago6 views

CVE-2026-56374

A heap buffer overflow vulnerability exists in ImageMagick and Magick.NET's FTXT encoder due to missing boundary checks for the ftxt:format parameter. A remote attacker could exploit this using a specially crafted FTXT image to cause a denial of service or disclose sensitive information. Mitigati...

7.1CVSS6.1AI score0.00157EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 3 days ago4 views

CVE-2026-56362

ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting a...

4.2CVSS6.1AI score0.0023EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-56362 ImageMagick - Heap-buffer-overflow Read in GetPixelIndex via OpenPixelCache Metadata Desynchronization

ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting a...

3.3CVSS0.0023EPSS
Exploits0References2
Debian CVE
Debian CVE
added 3 days ago4 views

CVE-2026-56374

ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the FTXT encoder due to missing boundary checks when parsing ftxt:format. Remote attackers can trigger an out of bounds read by crafting malicious FTXT image files to cause denial of service or information disclosure...

7.1CVSS6.2AI score0.00157EPSS
Exploits0
OSV
OSV
added 5 days ago5 views

OESA-2026-2853 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

6.5CVSS6.1AI score0.00241EPSS
Exploits0References8
Cvelist
Cvelist
added 5 days ago39 views

CVE-2026-6382 Multiple elFinder Plugins - Authenticated OS Command Injection

The FileOrganizer WordPress plugin before 1.1.9, Advanced File Manager WordPress plugin before 5.4.12, File Manager Pro WordPress plugin before 2.1.1, File Manager WordPress plugin before 8.0.4 do not properly escape a parameter before passing it to a shell command when processing image operation...

0.00902EPSS
Exploits0References1
CVE
CVE
added 5 days ago15 views

CVE-2026-6382

The CVE affects multiple elFinder-based WordPress plugins: FileOrganizer (before 1.1.9), Advanced File Manager (before 5.4.12), File Manager Pro (before 2.1.1), and File Manager (before 8.0.4). The root cause is improper escaping of a parameter passed to a shell command during image operations, e...

9.1CVSS6AI score0.00902EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-6382

The FileOrganizer WordPress plugin before 1.1.9, Advanced File Manager WordPress plugin before 5.4.12, File Manager Pro WordPress plugin before 2.1.1, File Manager WordPress plugin before 8.0.4 do not properly escape a parameter before passing it to a shell command when processing image operation...

9.1CVSS6AI score0.00902EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-55595

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid...

4.7CVSS5.9AI score0.0009EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-55577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow...

5.9CVSS6.1AI score0.00226EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, the MNG decoder contain...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-55510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when identifying an ima...

5.5CVSS5.9AI score0.00103EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/07/01 11:6 p.m.8 views

CVE-2026-55577

A flaw was found in ImageMagick, free and open-source software for editing and manipulating digital images. A heap buffer overflow occurs in the MVG Magick Vector Graphics decoder when processing a specially crafted image. This vulnerability could allow an attacker to cause an out-of-bounds write...

5.9CVSS5.8AI score0.00226EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/01 11:1 p.m.5 views

CVE-2026-55594

A flaw was found in ImageMagick, free and open-source software for editing and manipulating digital images. A missing depth check in the MVG Magick Vector Graphics decoder can lead to a stack overflow when a remote attacker provides a specially crafted image. This vulnerability could result in a...

5.3CVSS5.8AI score0.00241EPSS
Exploits0References4
NVD
NVD
added 2026/07/01 7:16 p.m.5 views

CVE-2026-55595

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26...

4.7CVSS0.0009EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 7:16 p.m.5 views

CVE-2026-55594

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the MVG decoder will result in a stack overflow when a crafted image is provided. This issue has been fixed in versions 6.9.13-51 and...

5.3CVSS0.00241EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 7:16 p.m.6 views

CVE-2026-55577

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in...

5.9CVSS0.00226EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 7:16 p.m.5 views

CVE-2026-53466

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, an integer overflow in the XCF decoder can result in an out of bounds read when a crafted image is read, potentially resulting in a crash. This issue has been...

6.5CVSS0.0022EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 7:0 p.m.56 views

CVE-2026-55595

ImageMagick is affected by a vulnerability in the connected-components option. Prior to versions 6.9.13-51 and 7.1.2-26, providing invalid arguments to this option can cause an infinite loop (local attack vector, high availability impact) as described in the CVE notes. The issue has been fixed in...

4.7CVSS5.8AI score0.0009EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder