Debian Security Advisory DSA-6240-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 01, 2026 https://www.debian.org/security/faq

Package : imagemagick CVE ID : CVE-2026-32636 CVE-2026-33535 CVE-2026-33536 CVE-2026-33899 CVE-2026-33900 CVE-2026-33901 CVE-2026-33902 CVE-2026-33905 CVE-2026-33908 CVE-2026-34238 CVE-2026-40169 CVE-2026-40183 CVE-2026-40310 CVE-2026-40311 CVE-2026-40312

Multiple security vulnerabilities were discovered in imagemagick, a software suite used for editing and manipulating digital images, which could lead to denial of service, information disclosure or potentially arbitrary code execution if malformed images are processed.

For the stable distribution (trixie), these problems have been fixed in version 8:7.1.1.43+dfsg1-1+deb13u8.

We recommend that you upgrade your imagemagick packages.

For the detailed security status of imagemagick please refer to its security tracker page at: https://security-tracker.debian.org/tracker/imagemagick

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/