CVE-2026-34238

🗓️ 13 Apr 2026 22:16:00Reported by ubuntu.comType

Despeckle overflow causes 32-bit heap overflow and out-of-bounds write; fixed in version 6.9.13-44 and 7.1.2-19.

Reporter	Title	Published	Views	Family All 58
ATTACKERKB	CVE-2026-34238	13 Apr 202621:14	–	attackerkb
AlpineLinux	CVE-2026-34238	13 Apr 202621:14	–	alpinelinux
Circl	CVE-2026-34238	14 Apr 202601:24	–	circl
CNNVD	ImageMagick 缓冲区错误漏洞	13 Apr 202600:00	–	cnnvd
CVE	CVE-2026-34238	13 Apr 202621:14	–	cve
Cvelist	CVE-2026-34238 ImageMagick: Integer overflow in despeckle operation causes heap buffer overflow on 32-bit builds	13 Apr 202621:14	–	cvelist
Debian	[SECURITY] [DLA 4559-1] imagemagick security update	1 May 202620:33	–	debian
Debian	[SECURITY] [DSA 6240-1] imagemagick security update	1 May 202615:32	–	debian
Debian	[SECURITY] [DSA 6245-1] imagemagick security update	3 May 202615:01	–	debian
Debian CVE	CVE-2026-34238	13 Apr 202621:14	–	debiancve

OS	OS Version	Architecture	Package	Filename
Ubuntu	14.04	any	imagemagick	imagemagick_0_any.deb
Ubuntu	16.04	any	imagemagick	imagemagick_0_any.deb
Ubuntu	18.04	any	imagemagick	imagemagick_0_any.deb
Ubuntu	20.04	any	imagemagick	imagemagick_0_any.deb
Ubuntu	22.04	any	imagemagick	imagemagick_0_any.deb
Ubuntu	24.04	any	imagemagick	imagemagick_0_any.deb
Ubuntu	25.10	any	imagemagick	imagemagick_0_any.deb
Ubuntu	26.04	any	imagemagick	imagemagick_0_any.deb

Source	Link
cve	www.cve.org/CVERecord
github	www.github.com/ImageMagick/ImageMagick/security/advisories/GHSA-26qp-ffjh-2x4v
github	www.github.com/ImageMagick/ImageMagick/commit/bcd8519c70ecd9ebbc180920f2cf97b267d1f440%20(7.1.2-19)
github	www.github.com/ImageMagick/ImageMagick6/commit/4b265a742949437a55e344a3ff694281af266190%20(6.9.13-44)
github	www.github.com/ImageMagick/ImageMagick/commit/bcd8519c70ecd9ebbc180920f2cf97b267d1f440
github	www.github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19
github	www.github.com/dlemstra/Magick.NET/releases/tag/14.12.0

16 Apr 2026 03:50Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.15.1 - 5.5

EPSS0.00148

SSVC