Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    1564 vulnerabilities found for ImageMagick by ImageMagick

    CVE-2026-56377 (GCVE-0-2026-56377)

    Vulnerability from nvd – Published: 2026-06-30 22:08 – Updated: 2026-06-30 22:08
    VLAI
    Title
    ImageMagick - Policy Bypass via Incorrect Path Validation
    Summary
    ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-24 (semver)
    Unaffected: 7.1.2-24 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-48 (semver)
    Unaffected: 6.9.13-48 (semver)
    Create a notification for this product.
    Date Public
    2026-05-30 00:00
    Credits
    sondt99
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-24",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-24",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-48",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-48",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-24",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-48",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "sondt99"
            }
          ],
          "datePublic": "2026-05-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:39.614Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-gm48-c7f2-v67p)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gm48-c7f2-v67p"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Policy Bypass via Incorrect Path Validation",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-policy-bypass-via-incorrect-path-validation"
            }
          ],
          "title": "ImageMagick - Policy Bypass via Incorrect Path Validation",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56377",
        "datePublished": "2026-06-30T22:08:39.614Z",
        "dateReserved": "2026-06-21T02:05:47.495Z",
        "dateUpdated": "2026-06-30T22:08:39.614Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56369 (GCVE-0-2026-56369)

    Vulnerability from nvd – Published: 2026-06-30 22:08 – Updated: 2026-06-30 22:08
    VLAI
    Title
    ImageMagick - Information Disclosure via AES-CTR Nonce Reuse in PasskeyEncipherImage
    Summary
    ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images.
    CWE
    • CWE-323 - Reusing a Nonce, Key Pair in Encryption
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-22 (semver)
    Unaffected: 7.1.2-22 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-47 (semver)
    Unaffected: 6.9.13-47 (semver)
    Create a notification for this product.
    Date Public
    2026-05-16 00:00
    Credits
    007bsd LuiginoC
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-22",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-47",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-47",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-22",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-47",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "007bsd"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "LuiginoC"
            }
          ],
          "datePublic": "2026-05-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-323",
                  "description": "Reusing a Nonce, Key Pair in Encryption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:38.920Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-qv2q-c278-pch5)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qv2q-c278-pch5"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Information Disclosure via AES-CTR Nonce Reuse in PasskeyEncipherImage",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-information-disclosure-via-aes-ctr-nonce-reuse-in-passkeyencipherimage"
            }
          ],
          "title": "ImageMagick - Information Disclosure via AES-CTR Nonce Reuse in PasskeyEncipherImage",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56369",
        "datePublished": "2026-06-30T22:08:38.920Z",
        "dateReserved": "2026-06-21T02:05:21.920Z",
        "dateUpdated": "2026-06-30T22:08:38.920Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56365 (GCVE-0-2026-56365)

    Vulnerability from nvd – Published: 2026-06-30 22:08 – Updated: 2026-07-01 13:16
    VLAI
    Title
    ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing
    Summary
    ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-19 (semver)
    Unaffected: 7.1.2-19 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-44 (semver)
    Unaffected: 6.9.13-44 (semver)
    Create a notification for this product.
    Date Public
    2026-04-13 00:00
    Credits
    ylwango613
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56365",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T13:16:02.735899Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T13:16:12.822Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-19",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-44",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-44",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-19",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-44",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ylwango613"
            }
          ],
          "datePublic": "2026-04-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:38.238Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-x928-4434-crqj)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-x928-4434-crqj"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-png-encoder-via-mng-image-writing"
            }
          ],
          "title": "ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56365",
        "datePublished": "2026-06-30T22:08:38.238Z",
        "dateReserved": "2026-06-20T21:16:53.711Z",
        "dateUpdated": "2026-07-01T13:16:12.822Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56364 (GCVE-0-2026-56364)

    Vulnerability from nvd – Published: 2026-06-30 22:08 – Updated: 2026-06-30 22:08
    VLAI
    Title
    ImageMagick - Memory Leak in LoadOpenCLDeviceBenchmark() via Malformed XML
    Summary
    ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory and cause denial of service.
    CWE
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    Assigner
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-13 (semver)
    Unaffected: 7.1.2-13 (semver)
    Create a notification for this product.
    Date Public
    2026-01-19 00:00
    Credits
    Keryer
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-13",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-13",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-13",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Keryer"
            }
          ],
          "datePublic": "2026-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory and cause denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 1.8,
                "baseSeverity": "LOW",
                "privilegesRequired": "HIGH",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 1.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:37.521Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-qp59-x883-77qv)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qp59-x883-77qv"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a52c1b402be08ef8ae193f28ac5b2e120f2fa26f",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a52c1b402be08ef8ae193f28ac5b2e120f2fa26f"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Memory Leak in LoadOpenCLDeviceBenchmark() via Malformed XML",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-loadopencldevicebenchmark-via-malformed-xml"
            }
          ],
          "title": "ImageMagick - Memory Leak in LoadOpenCLDeviceBenchmark() via Malformed XML",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56364",
        "datePublished": "2026-06-30T22:08:37.521Z",
        "dateReserved": "2026-06-20T21:16:53.711Z",
        "dateUpdated": "2026-06-30T22:08:37.521Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56363 (GCVE-0-2026-56363)

    Vulnerability from nvd – Published: 2026-06-30 22:08 – Updated: 2026-06-30 22:08
    VLAI
    Title
    ImageMagick - Division by Zero in Binomial Kernel Processing
    Summary
    ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash.
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-22 (semver)
    Unaffected: 7.1.2-22 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-47 (semver)
    Unaffected: 6.9.13-47 (semver)
    Create a notification for this product.
    Date Public
    2026-05-16 00:00
    Credits
    007bsd
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-22",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-47",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-47",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-22",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-47",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "007bsd"
            }
          ],
          "datePublic": "2026-05-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:36.839Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-vf33-6r7x-66xx)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vf33-6r7x-66xx"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Division by Zero in Binomial Kernel Processing",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-division-by-zero-in-binomial-kernel-processing"
            }
          ],
          "title": "ImageMagick - Division by Zero in Binomial Kernel Processing",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56363",
        "datePublished": "2026-06-30T22:08:36.839Z",
        "dateReserved": "2026-06-20T21:16:53.711Z",
        "dateUpdated": "2026-06-30T22:08:36.839Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56361 (GCVE-0-2026-56361)

    Vulnerability from nvd – Published: 2026-06-30 22:08 – Updated: 2026-06-30 22:08
    VLAI
    Title
    ImageMagick - Heap Buffer Overflow via Off-by-One in Morphology Processing
    Summary
    ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-19 (semver)
    Unaffected: 7.1.2-19 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-44 (semver)
    Unaffected: 6.9.13-44 (semver)
    Create a notification for this product.
    Date Public
    2026-04-13 00:00
    Credits
    shitianyu-2004
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-19",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-44",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-44",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-19",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-44",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "shitianyu-2004"
            }
          ],
          "datePublic": "2026-04-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:36.159Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-q8h3-jv9v-57qx)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-q8h3-jv9v-57qx"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Heap Buffer Overflow via Off-by-One in Morphology Processing",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-heap-buffer-overflow-via-off-by-one-in-morphology-processing"
            }
          ],
          "title": "ImageMagick - Heap Buffer Overflow via Off-by-One in Morphology Processing",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56361",
        "datePublished": "2026-06-30T22:08:36.159Z",
        "dateReserved": "2026-06-20T21:16:53.711Z",
        "dateUpdated": "2026-06-30T22:08:36.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56370 (GCVE-0-2026-56370)

    Vulnerability from nvd – Published: 2026-06-24 11:53 – Updated: 2026-06-25 13:20
    VLAI
    Title
    ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact
    Summary
    ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of service or potential code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-19 (semver)
    Unaffected: 7.1.2-19 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-44 (semver)
    Unaffected: 6.9.13-44 (semver)
    Create a notification for this product.
    Date Public
    2026-04-13 00:00
    Credits
    ylwango613
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56370",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T13:20:24.893673Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-25T13:20:32.154Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-19",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-44",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-44",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-19",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-44",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ylwango613"
            }
          ],
          "datePublic": "2026-04-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of service or potential code execution."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-24T11:53:21.113Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-pmpg-6pww-fg6q)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pmpg-6pww-fg6q"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-out-of-bounds-access-in-connectedcomponentsimage-via-connected-components-artifact"
            }
          ],
          "title": "ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56370",
        "datePublished": "2026-06-24T11:53:21.113Z",
        "dateReserved": "2026-06-21T02:05:21.920Z",
        "dateUpdated": "2026-06-25T13:20:32.154Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56368 (GCVE-0-2026-56368)

    Vulnerability from nvd – Published: 2026-06-24 11:53 – Updated: 2026-06-24 13:40
    VLAI
    Title
    ImageMagick - Memory Leak in Raw Pixel Data Coders
    Summary
    ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    ylwango613
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56368",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-24T13:37:57.353115Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-24T13:40:10.781Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ylwango613"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-24T11:53:20.423Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-wfx3-6g53-9fgc)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wfx3-6g53-9fgc"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Memory Leak in Raw Pixel Data Coders",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-raw-pixel-data-coders"
            }
          ],
          "title": "ImageMagick - Memory Leak in Raw Pixel Data Coders",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56368",
        "datePublished": "2026-06-24T11:53:20.423Z",
        "dateReserved": "2026-06-21T02:05:21.920Z",
        "dateUpdated": "2026-06-24T13:40:10.781Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56379 (GCVE-0-2026-56379)

    Vulnerability from nvd – Published: 2026-06-23 12:13 – Updated: 2026-06-30 12:10
    VLAI
    Title
    ImageMagick - Command Injection via SVG Decoder
    Summary
    ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-116 - Improper Encoding or Escaping of Output
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Server (v. 7 ELS)     cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Server Optional (v. 7 ELS)     cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    phenggeler
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56379",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T13:58:05.952386Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T13:58:13.304Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server (v. 7 ELS)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-06-23T12:13:05.492Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in ImageMagick. This command injection vulnerability in the SVG (Scalable Vector Graphics) decoder allows a remote attacker to craft malicious SVG files. When these files are processed, the injected Magick Vector Graphics (MVG) commands can execute, potentially leading to arbitrary code execution on the affected system."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:10:42.910Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-56379"
              },
              {
                "name": "RHBZ#2491700",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2491700"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-56379.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:32961"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:32961: Red Hat Enterprise Linux Server (v. 7 ELS), Red Hat Enterprise Linux Server Optional (v. 7 ELS)"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-06-23T13:01:13.843Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-06-23T12:13:05.492Z",
                "value": "Made public."
              }
            ],
            "title": "ImageMagick: ImageMagick: Arbitrary code execution via SVG decoder command injection",
            "workarounds": [
              {
                "lang": "en",
                "value": "Restrict ImageMagick processing capabilities via policy.xml, disabling the SVG coder and restricting delegates to prevent injection escalation to OS command execution. Enforce mandatory access control (SELinux/AppArmor) combined with seccomp syscall filtering to block execve. For systemd services, enable NoNewPrivileges, ProtectSystem=strict, ProtectHome=true, and PrivateDevices=true."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "phenggeler"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-116",
                  "description": "Improper Encoding or Escaping of Output",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-23T12:13:05.492Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-xpg8-7m6m-jf56)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xpg8-7m6m-jf56"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Command Injection via SVG Decoder",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-command-injection-via-svg-decoder"
            }
          ],
          "title": "ImageMagick - Command Injection via SVG Decoder",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56379",
        "datePublished": "2026-06-23T12:13:05.492Z",
        "dateReserved": "2026-06-21T02:05:47.495Z",
        "dateUpdated": "2026-06-30T12:10:42.910Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56376 (GCVE-0-2026-56376)

    Vulnerability from nvd – Published: 2026-06-23 12:13 – Updated: 2026-06-23 13:06
    VLAI
    Title
    ImageMagick - Heap Use-After-Free in Meta Coder
    Summary
    ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    ylwango613
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56376",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T13:06:03.212009Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T13:06:10.787Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ylwango613"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-23T12:13:04.795Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-2gq3-ww97-wfjm)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-2gq3-ww97-wfjm"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Heap Use-After-Free in Meta Coder",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-heap-use-after-free-in-meta-coder"
            }
          ],
          "title": "ImageMagick - Heap Use-After-Free in Meta Coder",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56376",
        "datePublished": "2026-06-23T12:13:04.795Z",
        "dateReserved": "2026-06-21T02:05:47.495Z",
        "dateUpdated": "2026-06-23T13:06:10.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56371 (GCVE-0-2026-56371)

    Vulnerability from nvd – Published: 2026-06-23 12:13 – Updated: 2026-06-24 15:44
    VLAI
    Title
    ImageMagick - Memory Leak in TXT File Processing via Texture Attribute
    Summary
    ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory leak in coders/txt.c when processing TXT files with texture attributes: the texture object allocated via ReadImage is not released when GetTypeMetrics fails, leaking memory each time a crafted TXT file with a texture attribute is processed.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    unbengable12
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56371",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-24T15:43:57.913723Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-24T15:44:24.102Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "unbengable12"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory leak in coders/txt.c when processing TXT files with texture attributes: the texture object allocated via ReadImage is not released when GetTypeMetrics fails, leaking memory each time a crafted TXT file with a texture attribute is processed."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-23T12:13:04.085Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-3q5f-gmjc-38r8)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3q5f-gmjc-38r8"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Memory Leak in TXT File Processing via Texture Attribute",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-txt-file-processing-via-texture-attribute"
            }
          ],
          "title": "ImageMagick - Memory Leak in TXT File Processing via Texture Attribute",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56371",
        "datePublished": "2026-06-23T12:13:04.085Z",
        "dateReserved": "2026-06-21T02:05:21.920Z",
        "dateUpdated": "2026-06-24T15:44:24.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56378 (GCVE-0-2026-56378)

    Vulnerability from nvd – Published: 2026-06-21 13:26 – Updated: 2026-06-22 13:20
    VLAI
    Title
    ImageMagick - Heap Out-of-Bounds Read in PCD Decoder
    Summary
    ImageMagick before 7.1.2-15 (and 6.x before 6.9.13-40) contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file can trigger a one-byte heap out-of-bounds read during image decoding, resulting in denial of service and potential disclosure of an adjacent heap byte.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    ylwango613
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56378",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-22T13:20:07.253117Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-22T13:20:32.902Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ylwango613"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 (and 6.x before 6.9.13-40) contains a heap out-of-bounds read in the PCD coder\u0027s DecodeImage loop. A crafted PCD file can trigger a one-byte heap out-of-bounds read during image decoding, resulting in denial of service and potential disclosure of an adjacent heap byte."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-21T13:26:57.584Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GHSA Advisory GHSA-wgxp-q8xq-wpp9",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wgxp-q8xq-wpp9"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Heap Out-of-Bounds Read in PCD Decoder",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-heap-out-of-bounds-read-in-pcd-decoder"
            }
          ],
          "title": "ImageMagick - Heap Out-of-Bounds Read in PCD Decoder",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56378",
        "datePublished": "2026-06-21T13:26:57.584Z",
        "dateReserved": "2026-06-21T02:05:47.495Z",
        "dateUpdated": "2026-06-22T13:20:32.902Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56367 (GCVE-0-2026-56367)

    Vulnerability from nvd – Published: 2026-06-21 13:26 – Updated: 2026-06-22 12:18
    VLAI
    Title
    ImageMagick - Heap Out-of-Bounds Read in PSB RLE Decoding
    Summary
    ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 7.0.0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 6.9.0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    andsopwn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56367",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-22T12:18:37.914953Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-22T12:18:44.959Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "6.9.0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-15",
                      "versionStartIncluding": "7.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "versionStartIncluding": "6.9.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "andsopwn"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T11:33:08.238Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GHSA Advisory GHSA-273h-m46v-96q4",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-273h-m46v-96q4"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Heap Out-of-Bounds Read in PSB RLE Decoding",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-heap-out-of-bounds-read-in-psb-rle-decoding"
            }
          ],
          "title": "ImageMagick - Heap Out-of-Bounds Read in PSB RLE Decoding",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56367",
        "datePublished": "2026-06-21T13:26:56.878Z",
        "dateReserved": "2026-06-21T02:05:21.920Z",
        "dateUpdated": "2026-06-22T12:18:44.959Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53465 (GCVE-0-2026-53465)

    Vulnerability from nvd – Published: 2026-06-10 22:07 – Updated: 2026-06-11 14:07
    VLAI
    Title
    ImageMagick: Heap Buffer Over-Write in SF3 encoder when writing multi-frame image
    Summary
    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, a crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder. This issue has been patched in version 7.1.2-25.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: < 7.1.2-25
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53465",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T14:06:53.311746Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T14:07:06.636Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 7.1.2-25"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, a crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder. This issue has been patched in version 7.1.2-25."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T22:07:50.597Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-44cp-c3ww-9rv5",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-44cp-c3ww-9rv5"
            }
          ],
          "source": {
            "advisory": "GHSA-44cp-c3ww-9rv5",
            "discovery": "UNKNOWN"
          },
          "title": "ImageMagick: Heap Buffer Over-Write in SF3 encoder when writing multi-frame image"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-53465",
        "datePublished": "2026-06-10T22:07:50.597Z",
        "dateReserved": "2026-06-09T16:31:21.495Z",
        "dateUpdated": "2026-06-11T14:07:06.636Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53464 (GCVE-0-2026-53464)

    Vulnerability from nvd – Published: 2026-06-10 22:07 – Updated: 2026-06-11 12:38
    VLAI
    Title
    ImageMagick: Memory Leak in wand option parser when providing invalid arguments
    Summary
    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: < 7.1.2-25
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53464",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T12:38:44.552836Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T12:38:53.826Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 7.1.2-25"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401: Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T22:07:06.566Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j989-f892-2335",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j989-f892-2335"
            }
          ],
          "source": {
            "advisory": "GHSA-j989-f892-2335",
            "discovery": "UNKNOWN"
          },
          "title": "ImageMagick: Memory Leak in wand option parser when providing invalid arguments"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-53464",
        "datePublished": "2026-06-10T22:07:06.566Z",
        "dateReserved": "2026-06-09T16:31:21.495Z",
        "dateUpdated": "2026-06-11T12:38:53.826Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53463 (GCVE-0-2026-53463)

    Vulnerability from nvd – Published: 2026-06-10 22:05 – Updated: 2026-06-11 12:56
    VLAI
    Title
    ImageMagick: Null Pointer Dereference in distort operation when passing incorrect arguments
    Summary
    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation a null pointer deference will occur. This issue has been patched in versions 6.9.13-50 and 7.1.2-25.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: < 6.9.13-50
    Affected: < 7.1.2-25
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53463",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T12:56:39.864847Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T12:56:56.146Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.9.13-50"
                },
                {
                  "status": "affected",
                  "version": "\u003c 7.1.2-25"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation a null pointer deference will occur. This issue has been patched in versions 6.9.13-50 and 7.1.2-25."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T22:05:58.915Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p9rq-q46c-g4x6",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p9rq-q46c-g4x6"
            }
          ],
          "source": {
            "advisory": "GHSA-p9rq-q46c-g4x6",
            "discovery": "UNKNOWN"
          },
          "title": "ImageMagick: Null Pointer Dereference in distort operation when passing incorrect arguments"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-53463",
        "datePublished": "2026-06-10T22:05:58.915Z",
        "dateReserved": "2026-06-09T16:31:21.495Z",
        "dateUpdated": "2026-06-11T12:56:56.146Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-53462 (GCVE-0-2026-53462)

    Vulnerability from nvd – Published: 2026-06-10 22:04 – Updated: 2026-06-11 15:45
    VLAI
    Title
    ImageMagick: Use-After-Free when allocation in CheckPrimitiveExtent fails
    Summary
    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when an allocation fails in CheckPrimitiveExtent this can result in a heap-use-after-free and result in a crash. This issue has been patched in versions 6.9.13-50 and 7.1.2-25.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: < 6.9.13-50
    Affected: < 7.1.2-25
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-53462",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-11T15:44:34.088117Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-11T15:45:14.175Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.9.13-50"
                },
                {
                  "status": "affected",
                  "version": "\u003c 7.1.2-25"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when an allocation fails in CheckPrimitiveExtent this can result in a heap-use-after-free and result in a crash. This issue has been patched in versions 6.9.13-50 and 7.1.2-25."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416: Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-10T22:04:53.967Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-px7q-ggqj-hcf2",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-px7q-ggqj-hcf2"
            }
          ],
          "source": {
            "advisory": "GHSA-px7q-ggqj-hcf2",
            "discovery": "UNKNOWN"
          },
          "title": "ImageMagick: Use-After-Free when allocation in CheckPrimitiveExtent fails"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-53462",
        "datePublished": "2026-06-10T22:04:53.967Z",
        "dateReserved": "2026-06-09T16:31:21.495Z",
        "dateUpdated": "2026-06-11T15:45:14.175Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56377 (GCVE-0-2026-56377)

    Vulnerability from cvelistv5 – Published: 2026-06-30 22:08 – Updated: 2026-06-30 22:08
    VLAI
    Title
    ImageMagick - Policy Bypass via Incorrect Path Validation
    Summary
    ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-24 (semver)
    Unaffected: 7.1.2-24 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-48 (semver)
    Unaffected: 6.9.13-48 (semver)
    Create a notification for this product.
    Date Public
    2026-05-30 00:00
    Credits
    sondt99
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-24",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-24",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-48",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-48",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-24",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-48",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "sondt99"
            }
          ],
          "datePublic": "2026-05-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:39.614Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-gm48-c7f2-v67p)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gm48-c7f2-v67p"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Policy Bypass via Incorrect Path Validation",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-policy-bypass-via-incorrect-path-validation"
            }
          ],
          "title": "ImageMagick - Policy Bypass via Incorrect Path Validation",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56377",
        "datePublished": "2026-06-30T22:08:39.614Z",
        "dateReserved": "2026-06-21T02:05:47.495Z",
        "dateUpdated": "2026-06-30T22:08:39.614Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56369 (GCVE-0-2026-56369)

    Vulnerability from cvelistv5 – Published: 2026-06-30 22:08 – Updated: 2026-06-30 22:08
    VLAI
    Title
    ImageMagick - Information Disclosure via AES-CTR Nonce Reuse in PasskeyEncipherImage
    Summary
    ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images.
    CWE
    • CWE-323 - Reusing a Nonce, Key Pair in Encryption
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-22 (semver)
    Unaffected: 7.1.2-22 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-47 (semver)
    Unaffected: 6.9.13-47 (semver)
    Create a notification for this product.
    Date Public
    2026-05-16 00:00
    Credits
    007bsd LuiginoC
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-22",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-47",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-47",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-22",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-47",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "007bsd"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "LuiginoC"
            }
          ],
          "datePublic": "2026-05-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-323",
                  "description": "Reusing a Nonce, Key Pair in Encryption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:38.920Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-qv2q-c278-pch5)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qv2q-c278-pch5"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Information Disclosure via AES-CTR Nonce Reuse in PasskeyEncipherImage",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-information-disclosure-via-aes-ctr-nonce-reuse-in-passkeyencipherimage"
            }
          ],
          "title": "ImageMagick - Information Disclosure via AES-CTR Nonce Reuse in PasskeyEncipherImage",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56369",
        "datePublished": "2026-06-30T22:08:38.920Z",
        "dateReserved": "2026-06-21T02:05:21.920Z",
        "dateUpdated": "2026-06-30T22:08:38.920Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56365 (GCVE-0-2026-56365)

    Vulnerability from cvelistv5 – Published: 2026-06-30 22:08 – Updated: 2026-07-01 13:16
    VLAI
    Title
    ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing
    Summary
    ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-19 (semver)
    Unaffected: 7.1.2-19 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-44 (semver)
    Unaffected: 6.9.13-44 (semver)
    Create a notification for this product.
    Date Public
    2026-04-13 00:00
    Credits
    ylwango613
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56365",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T13:16:02.735899Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T13:16:12.822Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-19",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-44",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-44",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-19",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-44",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ylwango613"
            }
          ],
          "datePublic": "2026-04-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:38.238Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-x928-4434-crqj)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-x928-4434-crqj"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-png-encoder-via-mng-image-writing"
            }
          ],
          "title": "ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56365",
        "datePublished": "2026-06-30T22:08:38.238Z",
        "dateReserved": "2026-06-20T21:16:53.711Z",
        "dateUpdated": "2026-07-01T13:16:12.822Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56364 (GCVE-0-2026-56364)

    Vulnerability from cvelistv5 – Published: 2026-06-30 22:08 – Updated: 2026-06-30 22:08
    VLAI
    Title
    ImageMagick - Memory Leak in LoadOpenCLDeviceBenchmark() via Malformed XML
    Summary
    ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory and cause denial of service.
    CWE
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    Assigner
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-13 (semver)
    Unaffected: 7.1.2-13 (semver)
    Create a notification for this product.
    Date Public
    2026-01-19 00:00
    Credits
    Keryer
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-13",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-13",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-13",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Keryer"
            }
          ],
          "datePublic": "2026-01-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory and cause denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 1.8,
                "baseSeverity": "LOW",
                "privilegesRequired": "HIGH",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 1.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:37.521Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-qp59-x883-77qv)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qp59-x883-77qv"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a52c1b402be08ef8ae193f28ac5b2e120f2fa26f",
              "tags": [
                "patch"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a52c1b402be08ef8ae193f28ac5b2e120f2fa26f"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Memory Leak in LoadOpenCLDeviceBenchmark() via Malformed XML",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-loadopencldevicebenchmark-via-malformed-xml"
            }
          ],
          "title": "ImageMagick - Memory Leak in LoadOpenCLDeviceBenchmark() via Malformed XML",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56364",
        "datePublished": "2026-06-30T22:08:37.521Z",
        "dateReserved": "2026-06-20T21:16:53.711Z",
        "dateUpdated": "2026-06-30T22:08:37.521Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56363 (GCVE-0-2026-56363)

    Vulnerability from cvelistv5 – Published: 2026-06-30 22:08 – Updated: 2026-06-30 22:08
    VLAI
    Title
    ImageMagick - Division by Zero in Binomial Kernel Processing
    Summary
    ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash.
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-22 (semver)
    Unaffected: 7.1.2-22 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-47 (semver)
    Unaffected: 6.9.13-47 (semver)
    Create a notification for this product.
    Date Public
    2026-05-16 00:00
    Credits
    007bsd
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-22",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-47",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-47",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-22",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-47",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "007bsd"
            }
          ],
          "datePublic": "2026-05-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "Integer Overflow or Wraparound",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:36.839Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-vf33-6r7x-66xx)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vf33-6r7x-66xx"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Division by Zero in Binomial Kernel Processing",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-division-by-zero-in-binomial-kernel-processing"
            }
          ],
          "title": "ImageMagick - Division by Zero in Binomial Kernel Processing",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56363",
        "datePublished": "2026-06-30T22:08:36.839Z",
        "dateReserved": "2026-06-20T21:16:53.711Z",
        "dateUpdated": "2026-06-30T22:08:36.839Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56361 (GCVE-0-2026-56361)

    Vulnerability from cvelistv5 – Published: 2026-06-30 22:08 – Updated: 2026-06-30 22:08
    VLAI
    Title
    ImageMagick - Heap Buffer Overflow via Off-by-One in Morphology Processing
    Summary
    ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-19 (semver)
    Unaffected: 7.1.2-19 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-44 (semver)
    Unaffected: 6.9.13-44 (semver)
    Create a notification for this product.
    Date Public
    2026-04-13 00:00
    Credits
    shitianyu-2004
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-19",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-44",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-44",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-19",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-44",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "shitianyu-2004"
            }
          ],
          "datePublic": "2026-04-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T22:08:36.159Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-q8h3-jv9v-57qx)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-q8h3-jv9v-57qx"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Heap Buffer Overflow via Off-by-One in Morphology Processing",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-heap-buffer-overflow-via-off-by-one-in-morphology-processing"
            }
          ],
          "title": "ImageMagick - Heap Buffer Overflow via Off-by-One in Morphology Processing",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56361",
        "datePublished": "2026-06-30T22:08:36.159Z",
        "dateReserved": "2026-06-20T21:16:53.711Z",
        "dateUpdated": "2026-06-30T22:08:36.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56370 (GCVE-0-2026-56370)

    Vulnerability from cvelistv5 – Published: 2026-06-24 11:53 – Updated: 2026-06-25 13:20
    VLAI
    Title
    ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact
    Summary
    ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of service or potential code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-19 (semver)
    Unaffected: 7.1.2-19 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-44 (semver)
    Unaffected: 6.9.13-44 (semver)
    Create a notification for this product.
    Date Public
    2026-04-13 00:00
    Credits
    ylwango613
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56370",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-25T13:20:24.893673Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-25T13:20:32.154Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-19",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-19",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-44",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-44",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-19",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-44",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ylwango613"
            }
          ],
          "datePublic": "2026-04-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of service or potential code execution."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-24T11:53:21.113Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-pmpg-6pww-fg6q)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pmpg-6pww-fg6q"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-out-of-bounds-access-in-connectedcomponentsimage-via-connected-components-artifact"
            }
          ],
          "title": "ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56370",
        "datePublished": "2026-06-24T11:53:21.113Z",
        "dateReserved": "2026-06-21T02:05:21.920Z",
        "dateUpdated": "2026-06-25T13:20:32.154Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56368 (GCVE-0-2026-56368)

    Vulnerability from cvelistv5 – Published: 2026-06-24 11:53 – Updated: 2026-06-24 13:40
    VLAI
    Title
    ImageMagick - Memory Leak in Raw Pixel Data Coders
    Summary
    ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    ylwango613
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56368",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-24T13:37:57.353115Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-24T13:40:10.781Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ylwango613"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-24T11:53:20.423Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-wfx3-6g53-9fgc)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wfx3-6g53-9fgc"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Memory Leak in Raw Pixel Data Coders",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-raw-pixel-data-coders"
            }
          ],
          "title": "ImageMagick - Memory Leak in Raw Pixel Data Coders",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56368",
        "datePublished": "2026-06-24T11:53:20.423Z",
        "dateReserved": "2026-06-21T02:05:21.920Z",
        "dateUpdated": "2026-06-24T13:40:10.781Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56379 (GCVE-0-2026-56379)

    Vulnerability from cvelistv5 – Published: 2026-06-23 12:13 – Updated: 2026-06-30 12:10
    VLAI
    Title
    ImageMagick - Command Injection via SVG Decoder
    Summary
    ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-116 - Improper Encoding or Escaping of Output
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Server (v. 7 ELS)     cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Server Optional (v. 7 ELS)     cpe:/o:redhat:rhel_els:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    phenggeler
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56379",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T13:58:05.952386Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T13:58:13.304Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server (v. 7 ELS)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_els:7"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-06-23T12:13:05.492Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in ImageMagick. This command injection vulnerability in the SVG (Scalable Vector Graphics) decoder allows a remote attacker to craft malicious SVG files. When these files are processed, the injected Magick Vector Graphics (MVG) commands can execute, potentially leading to arbitrary code execution on the affected system."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "HIGH",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:10:42.910Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-56379"
              },
              {
                "name": "RHBZ#2491700",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2491700"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-56379.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:32961"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:32961: Red Hat Enterprise Linux Server (v. 7 ELS), Red Hat Enterprise Linux Server Optional (v. 7 ELS)"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-06-23T13:01:13.843Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-06-23T12:13:05.492Z",
                "value": "Made public."
              }
            ],
            "title": "ImageMagick: ImageMagick: Arbitrary code execution via SVG decoder command injection",
            "workarounds": [
              {
                "lang": "en",
                "value": "Restrict ImageMagick processing capabilities via policy.xml, disabling the SVG coder and restricting delegates to prevent injection escalation to OS command execution. Enforce mandatory access control (SELinux/AppArmor) combined with seccomp syscall filtering to block execve. For systemd services, enable NoNewPrivileges, ProtectSystem=strict, ProtectHome=true, and PrivateDevices=true."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "phenggeler"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-116",
                  "description": "Improper Encoding or Escaping of Output",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-23T12:13:05.492Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-xpg8-7m6m-jf56)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xpg8-7m6m-jf56"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Command Injection via SVG Decoder",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-command-injection-via-svg-decoder"
            }
          ],
          "title": "ImageMagick - Command Injection via SVG Decoder",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56379",
        "datePublished": "2026-06-23T12:13:05.492Z",
        "dateReserved": "2026-06-21T02:05:47.495Z",
        "dateUpdated": "2026-06-30T12:10:42.910Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56376 (GCVE-0-2026-56376)

    Vulnerability from cvelistv5 – Published: 2026-06-23 12:13 – Updated: 2026-06-23 13:06
    VLAI
    Title
    ImageMagick - Heap Use-After-Free in Meta Coder
    Summary
    ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    ylwango613
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56376",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T13:06:03.212009Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T13:06:10.787Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ylwango613"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-23T12:13:04.795Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-2gq3-ww97-wfjm)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-2gq3-ww97-wfjm"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Heap Use-After-Free in Meta Coder",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-heap-use-after-free-in-meta-coder"
            }
          ],
          "title": "ImageMagick - Heap Use-After-Free in Meta Coder",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56376",
        "datePublished": "2026-06-23T12:13:04.795Z",
        "dateReserved": "2026-06-21T02:05:47.495Z",
        "dateUpdated": "2026-06-23T13:06:10.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56371 (GCVE-0-2026-56371)

    Vulnerability from cvelistv5 – Published: 2026-06-23 12:13 – Updated: 2026-06-24 15:44
    VLAI
    Title
    ImageMagick - Memory Leak in TXT File Processing via Texture Attribute
    Summary
    ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory leak in coders/txt.c when processing TXT files with texture attributes: the texture object allocated via ReadImage is not released when GetTypeMetrics fails, leaking memory each time a crafted TXT file with a texture attribute is processed.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    unbengable12
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56371",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-24T15:43:57.913723Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-24T15:44:24.102Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "unbengable12"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory leak in coders/txt.c when processing TXT files with texture attributes: the texture object allocated via ReadImage is not released when GetTypeMetrics fails, leaking memory each time a crafted TXT file with a texture attribute is processed."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-23T12:13:04.085Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GitHub Security Advisory (GHSA-3q5f-gmjc-38r8)",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3q5f-gmjc-38r8"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Memory Leak in TXT File Processing via Texture Attribute",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-txt-file-processing-via-texture-attribute"
            }
          ],
          "title": "ImageMagick - Memory Leak in TXT File Processing via Texture Attribute",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56371",
        "datePublished": "2026-06-23T12:13:04.085Z",
        "dateReserved": "2026-06-21T02:05:21.920Z",
        "dateUpdated": "2026-06-24T15:44:24.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56378 (GCVE-0-2026-56378)

    Vulnerability from cvelistv5 – Published: 2026-06-21 13:26 – Updated: 2026-06-22 13:20
    VLAI
    Title
    ImageMagick - Heap Out-of-Bounds Read in PCD Decoder
    Summary
    ImageMagick before 7.1.2-15 (and 6.x before 6.9.13-40) contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file can trigger a one-byte heap out-of-bounds read during image decoding, resulting in denial of service and potential disclosure of an adjacent heap byte.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    ylwango613
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56378",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-22T13:20:07.253117Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-22T13:20:32.902Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ylwango613"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 (and 6.x before 6.9.13-40) contains a heap out-of-bounds read in the PCD coder\u0027s DecodeImage loop. A crafted PCD file can trigger a one-byte heap out-of-bounds read during image decoding, resulting in denial of service and potential disclosure of an adjacent heap byte."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-21T13:26:57.584Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GHSA Advisory GHSA-wgxp-q8xq-wpp9",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wgxp-q8xq-wpp9"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Heap Out-of-Bounds Read in PCD Decoder",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-heap-out-of-bounds-read-in-pcd-decoder"
            }
          ],
          "title": "ImageMagick - Heap Out-of-Bounds Read in PCD Decoder",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56378",
        "datePublished": "2026-06-21T13:26:57.584Z",
        "dateReserved": "2026-06-21T02:05:47.495Z",
        "dateUpdated": "2026-06-22T13:20:32.902Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56367 (GCVE-0-2026-56367)

    Vulnerability from cvelistv5 – Published: 2026-06-21 13:26 – Updated: 2026-06-22 12:18
    VLAI
    Title
    ImageMagick - Heap Out-of-Bounds Read in PSB RLE Decoding
    Summary
    ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    ImageMagick ImageMagick Affected: 7.0.0 , < 7.1.2-15 (semver)
    Unaffected: 7.1.2-15 (semver)
    Create a notification for this product.
    ImageMagick ImageMagick Affected: 6.9.0 , < 6.9.13-40 (semver)
    Unaffected: 6.9.13-40 (semver)
    Create a notification for this product.
    Date Public
    2026-02-23 00:00
    Credits
    andsopwn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-56367",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-22T12:18:37.914953Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-22T12:18:44.959Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "7.1.2-15",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "7.1.2-15",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ImageMagick",
              "vendor": "ImageMagick",
              "versions": [
                {
                  "lessThan": "6.9.13-40",
                  "status": "affected",
                  "version": "6.9.0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "6.9.13-40",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.2-15",
                      "versionStartIncluding": "7.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.9.13-40",
                      "versionStartIncluding": "6.9.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "andsopwn"
            }
          ],
          "datePublic": "2026-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T11:33:08.238Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GHSA Advisory GHSA-273h-m46v-96q4",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-273h-m46v-96q4"
            },
            {
              "name": "VulnCheck Advisory: ImageMagick - Heap Out-of-Bounds Read in PSB RLE Decoding",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/imagemagick-heap-out-of-bounds-read-in-psb-rle-decoding"
            }
          ],
          "title": "ImageMagick - Heap Out-of-Bounds Read in PSB RLE Decoding",
          "x_generator": {
            "engine": "vulncheck-endgame"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56367",
        "datePublished": "2026-06-21T13:26:56.878Z",
        "dateReserved": "2026-06-21T02:05:21.920Z",
        "dateUpdated": "2026-06-22T12:18:44.959Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }