Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
Typedeb
Namespacedebian
Nameimagemagick
Version8:6.9.11.60+dfsg-1.6+deb12u8
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version8:6.9.12.98+dfsg1-2
Latest_non_vulnerable_version8:7.1.2.19+dfsg1-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1cpn-zvem-v7gt
vulnerability_id VCID-1cpn-zvem-v7gt
summary 
ImageMagick has uninitialized pointer dereference in JBIG decoder
An uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28691.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28691.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28691
reference_id
reference_type
scores
0
value 0.00055
scoring_system epss
scoring_elements 0.17474
published_at 2026-04-09T12:55:00Z
1
value 0.00055
scoring_system epss
scoring_elements 0.17414
published_at 2026-04-08T12:55:00Z
2
value 0.00055
scoring_system epss
scoring_elements 0.17322
published_at 2026-04-07T12:55:00Z
3
value 0.00055
scoring_system epss
scoring_elements 0.17542
published_at 2026-04-04T12:55:00Z
4
value 0.00055
scoring_system epss
scoring_elements 0.17495
published_at 2026-04-02T12:55:00Z
5
value 0.0006
scoring_system epss
scoring_elements 0.18746
published_at 2026-04-24T12:55:00Z
6
value 0.0006
scoring_system epss
scoring_elements 0.18975
published_at 2026-04-11T12:55:00Z
7
value 0.0006
scoring_system epss
scoring_elements 0.18928
published_at 2026-04-12T12:55:00Z
8
value 0.0006
scoring_system epss
scoring_elements 0.18877
published_at 2026-04-13T12:55:00Z
9
value 0.0006
scoring_system epss
scoring_elements 0.1883
published_at 2026-04-16T12:55:00Z
10
value 0.0006
scoring_system epss
scoring_elements 0.18843
published_at 2026-04-18T12:55:00Z
11
value 0.0006
scoring_system epss
scoring_elements 0.18858
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28691
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28691
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wj8w-pjxf-9g4f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T15:58:48Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wj8w-pjxf-9g4f
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28691
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-28691
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445902
reference_id 2445902
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445902
9
reference_url https://github.com/advisories/GHSA-wj8w-pjxf-9g4f
reference_id GHSA-wj8w-pjxf-9g4f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wj8w-pjxf-9g4f
10
reference_url https://access.redhat.com/errata/RHSA-2026:6713
reference_id RHSA-2026:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6713
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-28691, GHSA-wj8w-pjxf-9g4f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1cpn-zvem-v7gt
1
url VCID-2zje-ag2v-7kac
vulnerability_id VCID-2zje-ag2v-7kac
summary 
ImageMagick has heap buffer overflow in WriteXWDImage due to CARD32 arithmetic overflow in bytes_per_line calculation
A 32-bit unsigned integer overflow in the XWD (X Windows) encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of bounds heap write can occur.

```
=================================================================
==741961==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000083dc at pc 0x56553b4c4245 bp 0x7ffd9d20fef0 sp 0x7ffd9d20fee0
WRITE of size 1 at 0x5020000083dc thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30937.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30937.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30937
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02773
published_at 2026-04-08T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02792
published_at 2026-04-09T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.0277
published_at 2026-04-07T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02749
published_at 2026-04-02T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02764
published_at 2026-04-04T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.03902
published_at 2026-04-12T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.03875
published_at 2026-04-13T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.03996
published_at 2026-04-24T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03984
published_at 2026-04-21T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03864
published_at 2026-04-18T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03854
published_at 2026-04-16T12:55:00Z
11
value 0.00017
scoring_system epss
scoring_elements 0.03919
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30937
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30937
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30937
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
5
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qpg4-j99f-8xcg
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T14:34:45Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qpg4-j99f-8xcg
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30937
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30937
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445882
reference_id 2445882
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445882
8
reference_url https://github.com/advisories/GHSA-qpg4-j99f-8xcg
reference_id GHSA-qpg4-j99f-8xcg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qpg4-j99f-8xcg
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-30937, GHSA-qpg4-j99f-8xcg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zje-ag2v-7kac
2
url VCID-54da-fzyt-4ud2
vulnerability_id VCID-54da-fzyt-4ud2
summary 
ImageMagick has stack write buffer overflow in MNG encoder
A stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data.

```
==2265506==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffec4971310 at pc 0x55e671b8a072 bp 0x7ffec4970f70 sp 0x7ffec4970f68
WRITE of size 1 at 0x7ffec4971310 thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28690.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28690.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28690
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02346
published_at 2026-04-09T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-08T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02321
published_at 2026-04-07T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02326
published_at 2026-04-04T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02316
published_at 2026-04-02T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.02937
published_at 2026-04-24T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.02856
published_at 2026-04-11T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.02837
published_at 2026-04-12T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.02832
published_at 2026-04-13T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.02817
published_at 2026-04-16T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.02826
published_at 2026-04-18T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.02943
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28690
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28690
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7h7q-j33q-hvpf
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T15:58:08Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7h7q-j33q-hvpf
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28690
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-28690
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445887
reference_id 2445887
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445887
9
reference_url https://github.com/advisories/GHSA-7h7q-j33q-hvpf
reference_id GHSA-7h7q-j33q-hvpf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7h7q-j33q-hvpf
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-28690, GHSA-7h7q-j33q-hvpf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-54da-fzyt-4ud2
3
url VCID-6h7x-3rue-kucp
vulnerability_id VCID-6h7x-3rue-kucp
summary 
ImageMagick has a heap buffer over-read via 32-bit integer overflow in MAT decoder
In MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read.

```
=================================================================
==969652==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x506000003b40 at pc 0x555557b2a926 bp 0x7fffffff4c80 sp 0x7fffffff4c70
READ of size 8 at 0x506000003b40 thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28692.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28692.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28692
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05673
published_at 2026-04-09T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05647
published_at 2026-04-08T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05608
published_at 2026-04-07T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05611
published_at 2026-04-04T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05574
published_at 2026-04-02T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06264
published_at 2026-04-24T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06139
published_at 2026-04-11T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06135
published_at 2026-04-12T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06128
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06089
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.061
published_at 2026-04-18T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06248
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28692
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28692
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28692
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mrmj-x24c-wwcv
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T15:58:29Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mrmj-x24c-wwcv
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28692
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-28692
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445890
reference_id 2445890
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445890
9
reference_url https://github.com/advisories/GHSA-mrmj-x24c-wwcv
reference_id GHSA-mrmj-x24c-wwcv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mrmj-x24c-wwcv
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-28692, GHSA-mrmj-x24c-wwcv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6h7x-3rue-kucp
4
url VCID-cuhw-ew1g-s3h2
vulnerability_id VCID-cuhw-ew1g-s3h2
summary 
ImageMagick has Heap Use-After-Free in ImageMagick MSL decoder
A heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file.

```
=================================================================
==1500633==ERROR: AddressSanitizer: heap-use-after-free on address 0x527000011550 at pc 0x5612583fa212 bp 0x7ffedb86d160 sp 0x7ffedb86d150
READ of size 8 at 0x527000011550 thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28687.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28687.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28687
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17042
published_at 2026-04-09T12:55:00Z
1
value 0.00054
scoring_system epss
scoring_elements 0.16984
published_at 2026-04-08T12:55:00Z
2
value 0.00054
scoring_system epss
scoring_elements 0.16896
published_at 2026-04-07T12:55:00Z
3
value 0.00054
scoring_system epss
scoring_elements 0.17114
published_at 2026-04-04T12:55:00Z
4
value 0.00054
scoring_system epss
scoring_elements 0.17059
published_at 2026-04-02T12:55:00Z
5
value 0.00059
scoring_system epss
scoring_elements 0.18302
published_at 2026-04-24T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.1852
published_at 2026-04-11T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.18472
published_at 2026-04-12T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.18421
published_at 2026-04-13T12:55:00Z
9
value 0.00059
scoring_system epss
scoring_elements 0.18365
published_at 2026-04-16T12:55:00Z
10
value 0.00059
scoring_system epss
scoring_elements 0.18377
published_at 2026-04-18T12:55:00Z
11
value 0.00059
scoring_system epss
scoring_elements 0.18402
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28687
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28687
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28687
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fpvf-frm6-625q
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T16:01:50Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fpvf-frm6-625q
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28687
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-28687
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445897
reference_id 2445897
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445897
9
reference_url https://github.com/advisories/GHSA-fpvf-frm6-625q
reference_id GHSA-fpvf-frm6-625q
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fpvf-frm6-625q
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-28687, GHSA-fpvf-frm6-625q
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cuhw-ew1g-s3h2
5
url VCID-g41y-dv8u-3yf1
vulnerability_id VCID-g41y-dv8u-3yf1
summary 
ImageMagick has Heap Buffer Overflow in WaveletDenoiseImage
A crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur.

```
=================================================================
==661320==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x503000002754 at pc 0x5ff45f82c92a bp 0x7fffb732b400 sp 0x7fffb732b3f0
WRITE of size 4 at 0x503000002754 thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30936.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30936.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30936
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04429
published_at 2026-04-09T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04412
published_at 2026-04-08T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04378
published_at 2026-04-07T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04368
published_at 2026-04-04T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04346
published_at 2026-04-02T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05231
published_at 2026-04-24T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.0513
published_at 2026-04-11T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05114
published_at 2026-04-12T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05099
published_at 2026-04-13T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05047
published_at 2026-04-16T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05052
published_at 2026-04-18T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.052
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30936
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30936
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30936
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5ggv-92r5-cp4p
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T14:48:08Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5ggv-92r5-cp4p
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30936
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30936
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445880
reference_id 2445880
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445880
9
reference_url https://github.com/advisories/GHSA-5ggv-92r5-cp4p
reference_id GHSA-5ggv-92r5-cp4p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5ggv-92r5-cp4p
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-30936, GHSA-5ggv-92r5-cp4p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g41y-dv8u-3yf1
6
url VCID-g679-q851-xub7
vulnerability_id VCID-g679-q851-xub7
summary ImageMagick: stack-based buffer overflow in sixel encoder
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32259.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32259.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32259
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04109
published_at 2026-04-02T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04189
published_at 2026-04-09T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04127
published_at 2026-04-04T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04143
published_at 2026-04-07T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04175
published_at 2026-04-08T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04169
published_at 2026-04-11T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04151
published_at 2026-04-12T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.04841
published_at 2026-04-13T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.04944
published_at 2026-04-21T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.0498
published_at 2026-04-24T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.04799
published_at 2026-04-18T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.0479
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32259
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32259
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32259
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2447112
reference_id 2447112
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2447112
5
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-49hx-7656-jpg3
reference_id GHSA-49hx-7656-jpg3
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-13T16:13:57Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-49hx-7656-jpg3
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-32259
risk_score 3.0
exploitability 0.5
weighted_severity 6.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g679-q851-xub7
7
url VCID-jc5m-7rvc-2qg6
vulnerability_id VCID-jc5m-7rvc-2qg6
summary 
ImageMagick has a heap-buffer-overflow in NewXMLTree which could result in crash
The NewXMLTree method contains a bug that could result in a crash due to an out of write bounds of a single zero byte.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32636.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32636.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-32636
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04277
published_at 2026-04-18T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04268
published_at 2026-04-16T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04297
published_at 2026-04-13T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04318
published_at 2026-04-12T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.0426
published_at 2026-04-02T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.0434
published_at 2026-04-09T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04324
published_at 2026-04-08T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04293
published_at 2026-04-07T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.04281
published_at 2026-04-04T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04332
published_at 2026-04-11T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05128
published_at 2026-04-24T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05103
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-32636
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32636
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32636
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.11.0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T14:54:31Z/
url https://github.com/dlemstra/Magick.NET/releases/tag/14.11.0
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-17
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T14:54:31Z/
url https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-17
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gc62-2v5p-qpmp
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T14:54:31Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gc62-2v5p-qpmp
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-32636
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-32636
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448862
reference_id 2448862
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448862
10
reference_url https://github.com/advisories/GHSA-gc62-2v5p-qpmp
reference_id GHSA-gc62-2v5p-qpmp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gc62-2v5p-qpmp
11
reference_url https://usn.ubuntu.com/8127-1/
reference_id USN-8127-1
reference_type
scores
url https://usn.ubuntu.com/8127-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-32636, GHSA-gc62-2v5p-qpmp
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jc5m-7rvc-2qg6
8
url VCID-jcjk-s89c-mbbm
vulnerability_id VCID-jcjk-s89c-mbbm
summary 
ImageMagick: Invalid MSL <map> can result in a use after free
The MSL interpreter crashes when processing a invalid `<map>` element that causes it to use an image after it has been freed.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26983.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26983.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26983
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03774
published_at 2026-04-24T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03771
published_at 2026-04-21T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03649
published_at 2026-04-18T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03638
published_at 2026-04-16T12:55:00Z
4
value 0.00016
scoring_system epss
scoring_elements 0.03661
published_at 2026-04-13T12:55:00Z
5
value 0.00016
scoring_system epss
scoring_elements 0.03687
published_at 2026-04-12T12:55:00Z
6
value 0.00016
scoring_system epss
scoring_elements 0.0371
published_at 2026-04-11T12:55:00Z
7
value 0.00016
scoring_system epss
scoring_elements 0.03752
published_at 2026-04-09T12:55:00Z
8
value 0.00016
scoring_system epss
scoring_elements 0.03729
published_at 2026-04-08T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.03726
published_at 2026-04-07T12:55:00Z
10
value 0.00016
scoring_system epss
scoring_elements 0.03701
published_at 2026-04-02T12:55:00Z
11
value 0.00016
scoring_system epss
scoring_elements 0.03712
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26983
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26983
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26983
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/7cfae4da24a995fb05386d77364ff404a7cca7bc
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/7cfae4da24a995fb05386d77364ff404a7cca7bc
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-w8mw-frc6-r7m8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:09:37Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-w8mw-frc6-r7m8
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26983
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26983
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442134
reference_id 2442134
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442134
10
reference_url https://github.com/advisories/GHSA-w8mw-frc6-r7m8
reference_id GHSA-w8mw-frc6-r7m8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w8mw-frc6-r7m8
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-26983, GHSA-w8mw-frc6-r7m8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jcjk-s89c-mbbm
9
url VCID-n47w-r932-abey
vulnerability_id VCID-n47w-r932-abey
summary 
ImageMagick is vulnerable to Heap Overflow when writing extremely large image profile in the PNG encoder
An extremely large image profile could result in a heap overflow when encoding a PNG image.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30883.json
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30883
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00676
published_at 2026-04-24T12:55:00Z
1
value 7e-05
scoring_system epss
scoring_elements 0.00447
published_at 2026-04-02T12:55:00Z
2
value 7e-05
scoring_system epss
scoring_elements 0.00446
published_at 2026-04-04T12:55:00Z
3
value 7e-05
scoring_system epss
scoring_elements 0.00439
published_at 2026-04-07T12:55:00Z
4
value 7e-05
scoring_system epss
scoring_elements 0.00435
published_at 2026-04-08T12:55:00Z
5
value 7e-05
scoring_system epss
scoring_elements 0.00437
published_at 2026-04-09T12:55:00Z
6
value 7e-05
scoring_system epss
scoring_elements 0.00642
published_at 2026-04-11T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.00637
published_at 2026-04-12T12:55:00Z
8
value 7e-05
scoring_system epss
scoring_elements 0.00638
published_at 2026-04-13T12:55:00Z
9
value 7e-05
scoring_system epss
scoring_elements 0.00631
published_at 2026-04-16T12:55:00Z
10
value 7e-05
scoring_system epss
scoring_elements 0.00636
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30883
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30883
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qmw5-2p58-xvrc
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T14:53:57Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qmw5-2p58-xvrc
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30883
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30883
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445878
reference_id 2445878
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445878
9
reference_url https://github.com/advisories/GHSA-qmw5-2p58-xvrc
reference_id GHSA-qmw5-2p58-xvrc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qmw5-2p58-xvrc
10
reference_url https://usn.ubuntu.com/8127-1/
reference_id USN-8127-1
reference_type
scores
url https://usn.ubuntu.com/8127-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-30883, GHSA-qmw5-2p58-xvrc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n47w-r932-abey
10
url VCID-r3vw-ncns-cqgb
vulnerability_id VCID-r3vw-ncns-cqgb
summary 
ImageMagick is vulnerable to heap buffer over-write on 32-bit systems in SFW decoder
An overflow on  32-bit systems can cause a crash in the SFW decoder when processing extremely large images.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31853.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31853.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31853
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02624
published_at 2026-04-11T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02649
published_at 2026-04-09T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02629
published_at 2026-04-08T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02625
published_at 2026-04-07T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02621
published_at 2026-04-04T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02606
published_at 2026-04-02T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03326
published_at 2026-04-24T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.03252
published_at 2026-04-12T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.0323
published_at 2026-04-13T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03205
published_at 2026-04-16T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03215
published_at 2026-04-18T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.03335
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31853
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31853
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31853
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-56jp-jfqg-f8f4
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T17:41:49Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-56jp-jfqg-f8f4
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-31853
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-31853
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2446690
reference_id 2446690
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2446690
9
reference_url https://github.com/advisories/GHSA-56jp-jfqg-f8f4
reference_id GHSA-56jp-jfqg-f8f4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-56jp-jfqg-f8f4
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-31853, GHSA-56jp-jfqg-f8f4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r3vw-ncns-cqgb
11
url VCID-rbdg-vz8x-ykah
vulnerability_id VCID-rbdg-vz8x-ykah
summary 
ImageMagick has heap use-after-free in the MSL encoder
A heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image is destroyed twice. The MSL coder does not support writing MSL so the write capability has been removed. 

```
SUMMARY: AddressSanitizer: heap-use-after-free MagickCore/image.c:1195 in DestroyImage
Shadow bytes around the buggy address:
  0x0a4e80007450: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0a4e80007460: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0a4e80007470: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0a4e80007480: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0a4e80007490: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0a4e800074a0: fd fd fd fd fd fd fd fd fd fd[fd]fd fd fd fd fd
  0x0a4e800074b0: fd fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa
  0x0a4e800074c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0a4e800074d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0a4e800074e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0a4e800074f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28688.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28688.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28688
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.12789
published_at 2026-04-09T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.12738
published_at 2026-04-08T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.12659
published_at 2026-04-07T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.12854
published_at 2026-04-04T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.12806
published_at 2026-04-02T12:55:00Z
5
value 0.00045
scoring_system epss
scoring_elements 0.13897
published_at 2026-04-21T12:55:00Z
6
value 0.00045
scoring_system epss
scoring_elements 0.14015
published_at 2026-04-11T12:55:00Z
7
value 0.00045
scoring_system epss
scoring_elements 0.13978
published_at 2026-04-12T12:55:00Z
8
value 0.00045
scoring_system epss
scoring_elements 0.13928
published_at 2026-04-24T12:55:00Z
9
value 0.00045
scoring_system epss
scoring_elements 0.13832
published_at 2026-04-16T12:55:00Z
10
value 0.00045
scoring_system epss
scoring_elements 0.13825
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28688
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28688
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28688
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xxw5-m53x-j38c
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T16:02:13Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xxw5-m53x-j38c
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28688
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-28688
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445877
reference_id 2445877
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445877
9
reference_url https://github.com/advisories/GHSA-xxw5-m53x-j38c
reference_id GHSA-xxw5-m53x-j38c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xxw5-m53x-j38c
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-28688, GHSA-xxw5-m53x-j38c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rbdg-vz8x-ykah
12
url VCID-rjkf-pdny-2fhn
vulnerability_id VCID-rjkf-pdny-2fhn
summary 
ImageMagick vulnerable to stack corruption through long morphology kernel names or arrays
A stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-size stack buffers via memcpy without bounds checking, resulting in stack corruption.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28494.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28494.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28494
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02649
published_at 2026-04-09T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02629
published_at 2026-04-08T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02625
published_at 2026-04-07T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02621
published_at 2026-04-04T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02606
published_at 2026-04-02T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03326
published_at 2026-04-24T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03279
published_at 2026-04-11T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.03252
published_at 2026-04-12T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.0323
published_at 2026-04-13T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03205
published_at 2026-04-16T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03215
published_at 2026-04-18T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.03335
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28494
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28494
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28494
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-932h-jw47-73jm
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-10T14:40:59Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-932h-jw47-73jm
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28494
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-28494
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445901
reference_id 2445901
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445901
9
reference_url https://github.com/advisories/GHSA-932h-jw47-73jm
reference_id GHSA-932h-jw47-73jm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-932h-jw47-73jm
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-28494, GHSA-932h-jw47-73jm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rjkf-pdny-2fhn
13
url VCID-sw7g-hxxr-n3e1
vulnerability_id VCID-sw7g-hxxr-n3e1
summary 
ImageMagick has a Path Policy TOCTOU symlink race bypass
`domain="path"` authorization is checked before final file open/use. A symlink swap between check-time and use-time bypasses policy-denied read/write.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28689.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28689.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28689
reference_id
reference_type
scores
0
value 8e-05
scoring_system epss
scoring_elements 0.00712
published_at 2026-04-09T12:55:00Z
1
value 8e-05
scoring_system epss
scoring_elements 0.00722
published_at 2026-04-08T12:55:00Z
2
value 8e-05
scoring_system epss
scoring_elements 0.00723
published_at 2026-04-07T12:55:00Z
3
value 8e-05
scoring_system epss
scoring_elements 0.00718
published_at 2026-04-04T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.00721
published_at 2026-04-02T12:55:00Z
5
value 9e-05
scoring_system epss
scoring_elements 0.00949
published_at 2026-04-24T12:55:00Z
6
value 9e-05
scoring_system epss
scoring_elements 0.00896
published_at 2026-04-18T12:55:00Z
7
value 9e-05
scoring_system epss
scoring_elements 0.0089
published_at 2026-04-12T12:55:00Z
8
value 9e-05
scoring_system epss
scoring_elements 0.00892
published_at 2026-04-13T12:55:00Z
9
value 9e-05
scoring_system epss
scoring_elements 0.00889
published_at 2026-04-16T12:55:00Z
10
value 9e-05
scoring_system epss
scoring_elements 0.00945
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28689
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28689
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-493f-jh8w-qhx3
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-10T15:56:31Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-493f-jh8w-qhx3
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28689
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-28689
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445891
reference_id 2445891
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445891
9
reference_url https://github.com/advisories/GHSA-493f-jh8w-qhx3
reference_id GHSA-493f-jh8w-qhx3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-493f-jh8w-qhx3
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-28689, GHSA-493f-jh8w-qhx3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sw7g-hxxr-n3e1
14
url VCID-tt6z-t31v-dkdd
vulnerability_id VCID-tt6z-t31v-dkdd
summary 
ImageMagick has an Out-of-bounds Write via InterpretImageFilename
Due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds write.

```
=================================================================
==48558==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x00016b9b7490 at pc 0x0001046d48ac bp 0x00016b9b31d0 sp 0x00016b9b31c8
WRITE of size 1 at 0x00016b9b7490 thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33536.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33536.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33536
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04109
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.045
published_at 2026-04-21T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04429
published_at 2026-04-09T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04528
published_at 2026-04-24T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04378
published_at 2026-04-07T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04412
published_at 2026-04-08T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04423
published_at 2026-04-11T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04367
published_at 2026-04-18T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04359
published_at 2026-04-16T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04368
published_at 2026-04-04T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04391
published_at 2026-04-13T12:55:00Z
11
value 0.00018
scoring_system epss
scoring_elements 0.04408
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33536
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33536
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33536
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
5
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T13:44:35Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33536
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33536
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451849
reference_id 2451849
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451849
8
reference_url https://github.com/advisories/GHSA-8793-7xv6-82cf
reference_id GHSA-8793-7xv6-82cf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8793-7xv6-82cf
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-33536, GHSA-8793-7xv6-82cf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tt6z-t31v-dkdd
15
url VCID-tv15-dcnu-pbbn
vulnerability_id VCID-tv15-dcnu-pbbn
summary 
ImageMagick: Heap overflow in pcd decoder leads to out of bounds read.
The pcd coder lacks proper boundary checking when processing Huffman-coded data. The decoder contains an function that has an incorrect initialization that could cause an out of bounds read.

```
==3900053==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x502000003c6c at pc 0x55601b9cc552 bp 0x7ffd904b1f70 sp 0x7ffd904b1f60
READ of size 1 at 0x502000003c6c thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26284.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26284.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26284
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06044
published_at 2026-04-24T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05823
published_at 2026-04-02T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05858
published_at 2026-04-04T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05853
published_at 2026-04-07T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05891
published_at 2026-04-08T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05923
published_at 2026-04-09T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05901
published_at 2026-04-11T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05892
published_at 2026-04-12T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05884
published_at 2026-04-13T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.05849
published_at 2026-04-16T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.0586
published_at 2026-04-18T12:55:00Z
11
value 0.00022
scoring_system epss
scoring_elements 0.06013
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26284
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26284
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26284
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wrhr-rf8j-r842
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:46:33Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wrhr-rf8j-r842
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26284
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26284
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442137
reference_id 2442137
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442137
9
reference_url https://github.com/advisories/GHSA-wrhr-rf8j-r842
reference_id GHSA-wrhr-rf8j-r842
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wrhr-rf8j-r842
10
reference_url https://usn.ubuntu.com/8069-1/
reference_id USN-8069-1
reference_type
scores
url https://usn.ubuntu.com/8069-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-26284, GHSA-wrhr-rf8j-r842
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tv15-dcnu-pbbn
16
url VCID-x8c6-9pse-xkc8
vulnerability_id VCID-x8c6-9pse-xkc8
summary 
ImageMagick: Integer overflow in DIB coder can result in out of bounds read or write
An integer overflow in DIB coder can result in out of bounds read or write
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28693.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28693.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28693
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18648
published_at 2026-04-09T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18595
published_at 2026-04-08T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.18515
published_at 2026-04-07T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18798
published_at 2026-04-04T12:55:00Z
4
value 0.00059
scoring_system epss
scoring_elements 0.18744
published_at 2026-04-02T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.19919
published_at 2026-04-24T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.20148
published_at 2026-04-11T12:55:00Z
7
value 0.00065
scoring_system epss
scoring_elements 0.20102
published_at 2026-04-12T12:55:00Z
8
value 0.00065
scoring_system epss
scoring_elements 0.20044
published_at 2026-04-13T12:55:00Z
9
value 0.00065
scoring_system epss
scoring_elements 0.20026
published_at 2026-04-16T12:55:00Z
10
value 0.00065
scoring_system epss
scoring_elements 0.2003
published_at 2026-04-18T12:55:00Z
11
value 0.00065
scoring_system epss
scoring_elements 0.20029
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28693
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28693
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hffp-q43q-qq76
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-10T15:57:44Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hffp-q43q-qq76
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28693
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-28693
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445888
reference_id 2445888
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445888
9
reference_url https://github.com/advisories/GHSA-hffp-q43q-qq76
reference_id GHSA-hffp-q43q-qq76
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hffp-q43q-qq76
10
reference_url https://access.redhat.com/errata/RHSA-2026:6713
reference_id RHSA-2026:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6713
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-28693, GHSA-hffp-q43q-qq76
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8c6-9pse-xkc8
17
url VCID-y58b-be93-hbfd
vulnerability_id VCID-y58b-be93-hbfd
summary 
ImageMagick: Write heap-buffer-overflow in PCL encoder via undersized output buffer
A heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output buffer allocation.

```
WRITE of size 1 at 0x7e79f91f31a0 thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28686.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28686.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28686
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04189
published_at 2026-04-09T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04175
published_at 2026-04-08T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04143
published_at 2026-04-07T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04127
published_at 2026-04-04T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04109
published_at 2026-04-02T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.0498
published_at 2026-04-24T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.04881
published_at 2026-04-11T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.04861
published_at 2026-04-12T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.04841
published_at 2026-04-13T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.0479
published_at 2026-04-16T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.04799
published_at 2026-04-18T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.04944
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28686
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28686
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28686
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-467j-76j7-5885
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T14:24:19Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-467j-76j7-5885
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28686
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-28686
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445889
reference_id 2445889
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445889
9
reference_url https://github.com/advisories/GHSA-467j-76j7-5885
reference_id GHSA-467j-76j7-5885
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-467j-76j7-5885
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-28686, GHSA-467j-76j7-5885
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y58b-be93-hbfd
18
url VCID-z9t9-bxf9-hkfk
vulnerability_id VCID-z9t9-bxf9-hkfk
summary 
ImageMagick has memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-return paths
### Summary

In `ReadSTEGANOImage()` (`coders/stegano.c`), the `watermark` Image object is not freed on three early-return paths, resulting in a definite memory leak (~13.5KB+ per invocation) that can be exploited for denial of service.

```
Direct leak of 13512 byte(s) in 1 object(s) allocated from:
    #0 0x7f5c11e27887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x55cdc38f65c4 in AcquireMagickMemory MagickCore/memory.c:536
    #2 0x55cdc38f65eb in AcquireCriticalMemory MagickCore/memory.c:612
    #3 0x55cdc3899e91 in AcquireImage MagickCore/image.c:154
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25796.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25796.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25796
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07047
published_at 2026-04-07T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07111
published_at 2026-04-13T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.0712
published_at 2026-04-12T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07131
published_at 2026-04-11T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07133
published_at 2026-04-09T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07072
published_at 2026-04-04T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07101
published_at 2026-04-08T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07128
published_at 2026-04-24T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07163
published_at 2026-04-21T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07031
published_at 2026-04-18T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07048
published_at 2026-04-16T12:55:00Z
11
value 0.0006
scoring_system epss
scoring_elements 0.18987
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25796
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25796
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/93ad259ce4f6d641eea0bee73f374af90f35efc3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/93ad259ce4f6d641eea0bee73f374af90f35efc3
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-g2pr-qxjg-7r2w
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:11:19Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-g2pr-qxjg-7r2w
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25796
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25796
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442112
reference_id 2442112
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442112
10
reference_url https://github.com/advisories/GHSA-g2pr-qxjg-7r2w
reference_id GHSA-g2pr-qxjg-7r2w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g2pr-qxjg-7r2w
11
reference_url https://usn.ubuntu.com/8127-1/
reference_id USN-8127-1
reference_type
scores
url https://usn.ubuntu.com/8127-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
10
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25796, GHSA-g2pr-qxjg-7r2w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z9t9-bxf9-hkfk
19
url VCID-zab9-9tqj-hbhg
vulnerability_id VCID-zab9-9tqj-hbhg
summary 
ImageMagick: Memory allocation with excessive without limits in the internal SVG decoder
A crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate ~674 GB of memory, leading to an out-of-memory abort.

Found via AFL++ fuzzing with afl-clang-lto instrumentation and AddressSanitizer.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25985.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25985.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25985
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04916
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04879
published_at 2026-04-21T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04734
published_at 2026-04-18T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04725
published_at 2026-04-16T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04773
published_at 2026-04-13T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04792
published_at 2026-04-12T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04827
published_at 2026-04-09T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04815
published_at 2026-04-11T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04782
published_at 2026-04-07T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04745
published_at 2026-04-02T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04767
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25985
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25985
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25985
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/1a51eb9af00c36724660e294520878fd1f13e312
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/1a51eb9af00c36724660e294520878fd1f13e312
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v7g2-m8c5-mf84
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:05:38Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v7g2-m8c5-mf84
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25985
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25985
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442127
reference_id 2442127
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442127
10
reference_url https://github.com/advisories/GHSA-v7g2-m8c5-mf84
reference_id GHSA-v7g2-m8c5-mf84
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v7g2-m8c5-mf84
11
reference_url https://access.redhat.com/errata/RHSA-2026:5573
reference_id RHSA-2026:5573
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5573
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25985, GHSA-v7g2-m8c5-mf84
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zab9-9tqj-hbhg
20
url VCID-zvq4-ybph-buga
vulnerability_id VCID-zvq4-ybph-buga
summary 
ImageMagick has an Out-of-Bounds write of a zero byte in  its X11 display interaction
An out-of-bounds write of a zero byte exists in the X11 `display` interaction path that could lead to a crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33535.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33535.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33535
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02792
published_at 2026-04-09T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.0274
published_at 2026-04-13T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02764
published_at 2026-04-04T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02744
published_at 2026-04-12T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02762
published_at 2026-04-11T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.0277
published_at 2026-04-07T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.02773
published_at 2026-04-08T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.02735
published_at 2026-04-18T12:55:00Z
8
value 0.00014
scoring_system epss
scoring_elements 0.02724
published_at 2026-04-16T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04197
published_at 2026-04-02T12:55:00Z
10
value 5e-05
scoring_system epss
scoring_elements 0.00252
published_at 2026-04-24T12:55:00Z
11
value 5e-05
scoring_system epss
scoring_elements 0.00253
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33535
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33535
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33535
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
5
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mw3m-pqr2-qv7c
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T19:52:50Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mw3m-pqr2-qv7c
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33535
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33535
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451855
reference_id 2451855
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451855
8
reference_url https://github.com/advisories/GHSA-mw3m-pqr2-qv7c
reference_id GHSA-mw3m-pqr2-qv7c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mw3m-pqr2-qv7c
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u11?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-33535, GHSA-mw3m-pqr2-qv7c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zvq4-ybph-buga
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie