Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
Typedeb
Namespacedebian
Nameimagemagick
Version8:6.9.11.60+dfsg-1.6+deb12u7
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version8:6.9.11.60+dfsg-1.6+deb12u8
Latest_non_vulnerable_version8:7.1.2.19+dfsg1-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-15ny-qqbj-qyfk
vulnerability_id VCID-15ny-qqbj-qyfk
summary 
ImageMagick has infinite loop when writing IPTCTEXT leads to denial of service via crafted profile
A crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT`.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26066.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26066.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26066
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04791
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04757
published_at 2026-04-21T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04617
published_at 2026-04-18T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04608
published_at 2026-04-16T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04641
published_at 2026-04-13T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04658
published_at 2026-04-12T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04675
published_at 2026-04-11T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.0468
published_at 2026-04-09T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04669
published_at 2026-04-08T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04635
published_at 2026-04-07T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04599
published_at 2026-04-02T12:55:00Z
11
value 0.00018
scoring_system epss
scoring_elements 0.04623
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26066
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26066
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/880057ce34f6da9dff2fe3b290bbbc45b743e613
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/880057ce34f6da9dff2fe3b290bbbc45b743e613
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v994-63cg-9wj3
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v994-63cg-9wj3
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26066
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26066
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442142
reference_id 2442142
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442142
10
reference_url https://github.com/advisories/GHSA-v994-63cg-9wj3
reference_id GHSA-v994-63cg-9wj3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v994-63cg-9wj3
11
reference_url https://usn.ubuntu.com/8127-1/
reference_id USN-8127-1
reference_type
scores
url https://usn.ubuntu.com/8127-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-26066, GHSA-v994-63cg-9wj3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-15ny-qqbj-qyfk
1
url VCID-29r3-kvf4-n3hc
vulnerability_id VCID-29r3-kvf4-n3hc
summary 
ImageMagick: Heap Buffer Over-read in WaveletDenoise when processing small images
A heap buffer over-read vulnerability occurs when processing an image with small dimension using the `-wavelet-denoise` operator.

```
==3693336==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x511000001280 at pc 0x5602c8b0cc75 bp 0x7ffcb105d510 sp 0x7ffcb105d500
READ of size 4 at 0x511000001280 thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27798.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27798.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27798
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02733
published_at 2026-04-11T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02808
published_at 2026-04-24T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02818
published_at 2026-04-21T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02704
published_at 2026-04-18T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02694
published_at 2026-04-16T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02713
published_at 2026-04-13T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.02763
published_at 2026-04-09T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.0274
published_at 2026-04-07T12:55:00Z
8
value 0.00014
scoring_system epss
scoring_elements 0.02717
published_at 2026-04-12T12:55:00Z
9
value 0.00014
scoring_system epss
scoring_elements 0.02743
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27798
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27798
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T16:54:43Z/
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/0377e60b3c0d766bd7271221c95d9ee54f6a3738
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T16:54:43Z/
url https://github.com/ImageMagick/ImageMagick/commit/0377e60b3c0d766bd7271221c95d9ee54f6a3738
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qpgx-jfcq-r59f
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T16:54:43Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qpgx-jfcq-r59f
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-27798
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-27798
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442872
reference_id 2442872
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442872
10
reference_url https://github.com/advisories/GHSA-qpgx-jfcq-r59f
reference_id GHSA-qpgx-jfcq-r59f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qpgx-jfcq-r59f
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-27798, GHSA-qpgx-jfcq-r59f
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29r3-kvf4-n3hc
2
url VCID-5uyd-bv33-h7g1
vulnerability_id VCID-5uyd-bv33-h7g1
summary 
ImageMagick: Heap overflow in sun decoder on 32-bit systems may result in out of bounds write
An Integer Overflow vulnerability exists in the sun decoder. On 32-bit systems/builds, a carefully crafted image can lead to an out of bounds heap write.

```
=================================================================
==1967675==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf190b50e at pc 0x5eae8777 bp 0xffb0fdd8 sp 0xffb0fdd0
WRITE of size 1 at 0xf190b50e thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25897.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25897.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25897
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06044
published_at 2026-04-24T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.06013
published_at 2026-04-21T12:55:00Z
2
value 0.00062
scoring_system epss
scoring_elements 0.19194
published_at 2026-04-13T12:55:00Z
3
value 0.00062
scoring_system epss
scoring_elements 0.19248
published_at 2026-04-12T12:55:00Z
4
value 0.00062
scoring_system epss
scoring_elements 0.19237
published_at 2026-04-08T12:55:00Z
5
value 0.00062
scoring_system epss
scoring_elements 0.19162
published_at 2026-04-18T12:55:00Z
6
value 0.00062
scoring_system epss
scoring_elements 0.19153
published_at 2026-04-16T12:55:00Z
7
value 0.00062
scoring_system epss
scoring_elements 0.19295
published_at 2026-04-11T12:55:00Z
8
value 0.00062
scoring_system epss
scoring_elements 0.1929
published_at 2026-04-09T12:55:00Z
9
value 0.00062
scoring_system epss
scoring_elements 0.1939
published_at 2026-04-02T12:55:00Z
10
value 0.00062
scoring_system epss
scoring_elements 0.19441
published_at 2026-04-04T12:55:00Z
11
value 0.00062
scoring_system epss
scoring_elements 0.19158
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25897
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25897
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/23fde73188ea32c15b607571775d4f92bdb75e60
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/23fde73188ea32c15b607571775d4f92bdb75e60
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6j5f-24fw-pqp4
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:23:43Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6j5f-24fw-pqp4
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25897
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25897
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442098
reference_id 2442098
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442098
10
reference_url https://github.com/advisories/GHSA-6j5f-24fw-pqp4
reference_id GHSA-6j5f-24fw-pqp4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6j5f-24fw-pqp4
11
reference_url https://usn.ubuntu.com/8069-1/
reference_id USN-8069-1
reference_type
scores
url https://usn.ubuntu.com/8069-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25897, GHSA-6j5f-24fw-pqp4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5uyd-bv33-h7g1
3
url VCID-5zkt-kcgx-a3e2
vulnerability_id VCID-5zkt-kcgx-a3e2
summary 
ImageMagick Has Signed Integer Overflow in SIXEL Decoder, Leading to Memory Corruption
A signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a maliciously crafted SIXEL image file. The vulnerability occurs during buffer reallocation operations where pointer arithmetic using signed 32-bit integers overflows.

```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==143838==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000
    #0 0x7f379d5adb53  (/lib/x86_64-linux-gnu/libc.so.6+0xc4b53)
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25970.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25970.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25970
reference_id
reference_type
scores
0
value 0.00057
scoring_system epss
scoring_elements 0.17714
published_at 2026-04-24T12:55:00Z
1
value 0.00057
scoring_system epss
scoring_elements 0.17989
published_at 2026-04-02T12:55:00Z
2
value 0.00057
scoring_system epss
scoring_elements 0.18043
published_at 2026-04-04T12:55:00Z
3
value 0.00057
scoring_system epss
scoring_elements 0.17743
published_at 2026-04-07T12:55:00Z
4
value 0.00057
scoring_system epss
scoring_elements 0.17831
published_at 2026-04-08T12:55:00Z
5
value 0.00057
scoring_system epss
scoring_elements 0.17892
published_at 2026-04-09T12:55:00Z
6
value 0.00057
scoring_system epss
scoring_elements 0.17908
published_at 2026-04-11T12:55:00Z
7
value 0.00057
scoring_system epss
scoring_elements 0.17864
published_at 2026-04-12T12:55:00Z
8
value 0.00057
scoring_system epss
scoring_elements 0.17815
published_at 2026-04-13T12:55:00Z
9
value 0.00057
scoring_system epss
scoring_elements 0.17757
published_at 2026-04-16T12:55:00Z
10
value 0.00057
scoring_system epss
scoring_elements 0.17767
published_at 2026-04-18T12:55:00Z
11
value 0.00057
scoring_system epss
scoring_elements 0.17805
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25970
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25970
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xg29-8ghv-v4xr
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xg29-8ghv-v4xr
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25970
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25970
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442108
reference_id 2442108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442108
9
reference_url https://github.com/advisories/GHSA-xg29-8ghv-v4xr
reference_id GHSA-xg29-8ghv-v4xr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xg29-8ghv-v4xr
10
reference_url https://usn.ubuntu.com/8127-1/
reference_id USN-8127-1
reference_type
scores
url https://usn.ubuntu.com/8127-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25970, GHSA-xg29-8ghv-v4xr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5zkt-kcgx-a3e2
4
url VCID-62ar-kwbq-nyh3
vulnerability_id VCID-62ar-kwbq-nyh3
summary 
ImageMagick has memory leak in msl encoder
Memory leak exists in `coders/msl.c`. In the `WriteMSLImage` function of the `msl.c` file, resources are allocated. But the function returns early without releasing these allocated resources. 

```
==78983== Memcheck, a memory error detector
==78983== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==78983== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==78983== 
==78983== 177,196 (13,512 direct, 163,684 indirect) bytes in 1 blocks are definitely lost in loss record 21 of 21
==78983==    at 0x4846828: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25638.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25638.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25638
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05112
published_at 2026-04-24T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05082
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.04934
published_at 2026-04-18T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.04924
published_at 2026-04-16T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.04978
published_at 2026-04-13T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.04997
published_at 2026-04-12T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05015
published_at 2026-04-11T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05035
published_at 2026-04-09T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05019
published_at 2026-04-08T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.04986
published_at 2026-04-07T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.04968
published_at 2026-04-04T12:55:00Z
11
value 0.00059
scoring_system epss
scoring_elements 0.18616
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25638
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25638
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/1e88fca11c7b8517100d518bc99bd8c474f02f88
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/1e88fca11c7b8517100d518bc99bd8c474f02f88
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gxcx-qjqp-8vjw
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gxcx-qjqp-8vjw
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25638
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25638
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442105
reference_id 2442105
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442105
10
reference_url https://github.com/advisories/GHSA-gxcx-qjqp-8vjw
reference_id GHSA-gxcx-qjqp-8vjw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gxcx-qjqp-8vjw
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25638, GHSA-gxcx-qjqp-8vjw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-62ar-kwbq-nyh3
5
url VCID-acsa-1uwk-fqee
vulnerability_id VCID-acsa-1uwk-fqee
summary 
ImageMagick has Possible Heap Information Disclosure in PSD ZIP Decompression
### Description
A heap information disclosure vulnerability exists in ImageMagick's PSD (Adobe Photoshop) format handler. When processing a maliciously crafted PSD file containing ZIP-compressed layer data that decompresses to less than the expected size, uninitialized heap memory is leaked into the output image.

### Expected Impact
Information disclosure leading to potential exposure of sensitive data from server memory.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24481
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03914
published_at 2026-04-04T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04003
published_at 2026-04-24T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03991
published_at 2026-04-21T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.0387
published_at 2026-04-18T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.0386
published_at 2026-04-16T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.03881
published_at 2026-04-13T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.03909
published_at 2026-04-12T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.03926
published_at 2026-04-11T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03957
published_at 2026-04-09T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03934
published_at 2026-04-08T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03928
published_at 2026-04-07T12:55:00Z
11
value 0.00047
scoring_system epss
scoring_elements 0.14453
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24481
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24481
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24481
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
4
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
5
reference_url https://github.com/ImageMagick/ImageMagick/commit/51c9d33f4770cdcfa1a029199375d570af801c97
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/51c9d33f4770cdcfa1a029199375d570af801c97
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-96pc-27rx-pr36
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:39:38Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-96pc-27rx-pr36
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24481
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24481
8
reference_url https://github.com/advisories/GHSA-96pc-27rx-pr36
reference_id GHSA-96pc-27rx-pr36
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-96pc-27rx-pr36
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-24481, GHSA-96pc-27rx-pr36
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-acsa-1uwk-fqee
6
url VCID-b5pd-kk97-gban
vulnerability_id VCID-b5pd-kk97-gban
summary 
ImageMagick: Converting multi-layer nested MVG to SVG can cause DoS
Magick fails to check for multi-layer nested mvg conversions to svg, leading to DoS.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24484.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24484.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24484
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04656
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-21T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04468
published_at 2026-04-16T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04498
published_at 2026-04-13T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04477
published_at 2026-04-18T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.0453
published_at 2026-04-11T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04541
published_at 2026-04-09T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04524
published_at 2026-04-08T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04489
published_at 2026-04-07T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04515
published_at 2026-04-12T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17539
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24484
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24484
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24484
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:41:00Z/
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/0349df6d43d633bd61bb582d1e1e87d6332de32a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:41:00Z/
url https://github.com/ImageMagick/ImageMagick/commit/0349df6d43d633bd61bb582d1e1e87d6332de32a
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wg3g-gvx5-2pmv
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:41:00Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wg3g-gvx5-2pmv
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24484
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24484
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442085
reference_id 2442085
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442085
10
reference_url https://github.com/advisories/GHSA-wg3g-gvx5-2pmv
reference_id GHSA-wg3g-gvx5-2pmv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wg3g-gvx5-2pmv
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-24484, GHSA-wg3g-gvx5-2pmv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b5pd-kk97-gban
7
url VCID-cbqr-aybx-d3e6
vulnerability_id VCID-cbqr-aybx-d3e6
summary 
ImageMagick has Use After Free in MSLStartElement in "coders/msl.c"
A crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it, leading to a UAF in ReadBlobString during further parsing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25983.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25983.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25983
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.0819
published_at 2026-04-24T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.0822
published_at 2026-04-21T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08062
published_at 2026-04-18T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08076
published_at 2026-04-16T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.0818
published_at 2026-04-13T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08197
published_at 2026-04-12T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.08218
published_at 2026-04-11T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08227
published_at 2026-04-09T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.08209
published_at 2026-04-08T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.08141
published_at 2026-04-07T12:55:00Z
10
value 0.00029
scoring_system epss
scoring_elements 0.08147
published_at 2026-04-02T12:55:00Z
11
value 0.00029
scoring_system epss
scoring_elements 0.08193
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25983
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25983
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25983
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/257200cb21de23404dce5f8261871845d425dee5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/257200cb21de23404dce5f8261871845d425dee5
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fwqw-2x5x-w566
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:04:31Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fwqw-2x5x-w566
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25983
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25983
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442113
reference_id 2442113
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442113
10
reference_url https://github.com/advisories/GHSA-fwqw-2x5x-w566
reference_id GHSA-fwqw-2x5x-w566
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fwqw-2x5x-w566
11
reference_url https://usn.ubuntu.com/8069-1/
reference_id USN-8069-1
reference_type
scores
url https://usn.ubuntu.com/8069-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25983, GHSA-fwqw-2x5x-w566
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbqr-aybx-d3e6
8
url VCID-d8yf-8rff-3yhf
vulnerability_id VCID-d8yf-8rff-3yhf
summary 
ImageMagick has a possible infinite loop in its JPEG encoder when using `jpeg:extent`
A `continue` statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger a 100% CPU consumption and process hang (Denial of Service) with a crafted image.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26283.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26283.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-26283
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05139
published_at 2026-04-24T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05114
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.04966
published_at 2026-04-18T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.04956
published_at 2026-04-16T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05016
published_at 2026-04-13T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05033
published_at 2026-04-12T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05051
published_at 2026-04-11T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05072
published_at 2026-04-09T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05057
published_at 2026-04-08T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05024
published_at 2026-04-07T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.04976
published_at 2026-04-02T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05003
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-26283
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26283
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/c448c6920a985872072fc7be6034f678c087de9b
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/c448c6920a985872072fc7be6034f678c087de9b
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gwr3-x37h-h84v
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:47:27Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gwr3-x37h-h84v
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-26283
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-26283
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442140
reference_id 2442140
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442140
10
reference_url https://github.com/advisories/GHSA-gwr3-x37h-h84v
reference_id GHSA-gwr3-x37h-h84v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gwr3-x37h-h84v
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-26283, GHSA-gwr3-x37h-h84v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d8yf-8rff-3yhf
9
url VCID-dtza-65ku-aber
vulnerability_id VCID-dtza-65ku-aber
summary 
ImageMagick has NULL pointer dereference in ReadSFWImage after DestroyImageInfo (sfw.c)
In `ReadSFWImage()` (`coders/sfw.c`), when temporary file creation fails, `read_info` is destroyed before its `filename` member is accessed, causing a NULL pointer dereference and crash.

```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1414421==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000 (pc 0x56260222912f bp 0x7ffec0a193b0 sp 0x7ffec0a19360 T0)
    #0 0x56260222912f  (/data/ylwang/LargeScan/targets/ImageMagick/utilities/magick+0x235f12f)
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25795.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25795.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25795
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05323
published_at 2026-04-24T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05285
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05133
published_at 2026-04-18T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.0513
published_at 2026-04-16T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05185
published_at 2026-04-13T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05199
published_at 2026-04-12T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05216
published_at 2026-04-11T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05248
published_at 2026-04-09T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05229
published_at 2026-04-08T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05197
published_at 2026-04-07T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05177
published_at 2026-04-04T12:55:00Z
11
value 0.00061
scoring_system epss
scoring_elements 0.19112
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25795
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25795
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/332c1566acc2de77857032d3c2504ead6210ff50
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/332c1566acc2de77857032d3c2504ead6210ff50
7
reference_url https://github.com/ImageMagick/ImageMagick/commit/55c344f4b514213642da41194bab57b4476fb9f5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/55c344f4b514213642da41194bab57b4476fb9f5
8
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p33r-fqw2-rqmm
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:07:57Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p33r-fqw2-rqmm
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25795
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25795
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442099
reference_id 2442099
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442099
11
reference_url https://github.com/advisories/GHSA-p33r-fqw2-rqmm
reference_id GHSA-p33r-fqw2-rqmm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p33r-fqw2-rqmm
12
reference_url https://usn.ubuntu.com/8127-1/
reference_id USN-8127-1
reference_type
scores
url https://usn.ubuntu.com/8127-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25795, GHSA-p33r-fqw2-rqmm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dtza-65ku-aber
10
url VCID-emmr-15qp-vfah
vulnerability_id VCID-emmr-15qp-vfah
summary 
ImageMagick has Global Buffer Overflow (OOB Read) via Negative Pixel Index in UIL and XPM Writer
The UIL and XPM image encoder do not validate the pixel index value returned by `GetPixelIndex()` before using it as an array subscript. In HDRI builds, `Quantum` is a floating-point type, so pixel index values can be negative. An attacker can craft an image with negative pixel index values to trigger a global buffer overflow read during conversion, leading to information disclosure or a process crash.

```
READ of size 1 at 0x55a8823a776e thread T0
    #0 0x55a880d01e85 in WriteUILImage coders/uil.c:355
```

```
READ of size 1 at 0x55fa1c04c66e thread T0
    #0 0x55fa1a9ee415 in WriteXPMImage coders/xpm.c:1135
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25898.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25898.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25898
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05734
published_at 2026-04-24T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.057
published_at 2026-04-21T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05535
published_at 2026-04-18T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05526
published_at 2026-04-16T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05579
published_at 2026-04-13T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05586
published_at 2026-04-12T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05596
published_at 2026-04-11T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05624
published_at 2026-04-09T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.056
published_at 2026-04-08T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05562
published_at 2026-04-07T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05563
published_at 2026-04-04T12:55:00Z
11
value 0.00058
scoring_system epss
scoring_elements 0.18459
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25898
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25898
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/c9c87dbaba56bf82aebd3392e11f0ffd93709b12
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/c9c87dbaba56bf82aebd3392e11f0ffd93709b12
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vpxv-r9pg-7gpr
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:26:22Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vpxv-r9pg-7gpr
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25898
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25898
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442102
reference_id 2442102
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442102
10
reference_url https://github.com/advisories/GHSA-vpxv-r9pg-7gpr
reference_id GHSA-vpxv-r9pg-7gpr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vpxv-r9pg-7gpr
11
reference_url https://usn.ubuntu.com/8069-1/
reference_id USN-8069-1
reference_type
scores
url https://usn.ubuntu.com/8069-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25898, GHSA-vpxv-r9pg-7gpr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-emmr-15qp-vfah
11
url VCID-f1zu-xb4j-8qhp
vulnerability_id VCID-f1zu-xb4j-8qhp
summary 
ImageMagick has a heap buffer over-read in its MAP image decoder
A heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory disclosure during image decoding.

```
=================================================================
==4070926==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x502000002b31 at pc 0x56517afbd910 bp 0x7ffc59e90000 sp 0x7ffc59e8fff0
READ of size 1 at 0x502000002b31 thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25987.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25987.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25987
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03385
published_at 2026-04-24T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03398
published_at 2026-04-21T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03275
published_at 2026-04-18T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03265
published_at 2026-04-16T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03289
published_at 2026-04-13T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.0331
published_at 2026-04-12T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03339
published_at 2026-04-11T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.0338
published_at 2026-04-09T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.03359
published_at 2026-04-08T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03354
published_at 2026-04-07T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03334
published_at 2026-04-02T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.03346
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25987
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25987
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25987
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/bbae0215e1b76830509fd20e6d37c0dd7e3e4c3a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/bbae0215e1b76830509fd20e6d37c0dd7e3e4c3a
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-42p5-62qq-mmh7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:07:26Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-42p5-62qq-mmh7
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25987
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25987
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442115
reference_id 2442115
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442115
10
reference_url https://github.com/advisories/GHSA-42p5-62qq-mmh7
reference_id GHSA-42p5-62qq-mmh7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-42p5-62qq-mmh7
11
reference_url https://usn.ubuntu.com/8069-1/
reference_id USN-8069-1
reference_type
scores
url https://usn.ubuntu.com/8069-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25987, GHSA-42p5-62qq-mmh7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f1zu-xb4j-8qhp
12
url VCID-fnck-7mvx-hqc9
vulnerability_id VCID-fnck-7mvx-hqc9
summary 
ImageMagick has a heap Buffer Over-read  in its DJVU image format handler
A heap Buffer Over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride (row size) for pixel buffer allocation. The stride calculation overflows a 32-bit signed integer, resulting in an out-of-bounds memory reads.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27799.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27799.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27799
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03365
published_at 2026-04-04T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03402
published_at 2026-04-24T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03416
published_at 2026-04-21T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03299
published_at 2026-04-18T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03288
published_at 2026-04-16T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03312
published_at 2026-04-13T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03335
published_at 2026-04-12T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.0338
published_at 2026-04-07T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.03385
published_at 2026-04-08T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03363
published_at 2026-04-11T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03353
published_at 2026-04-02T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.03406
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27799
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27799
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T17:03:55Z/
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/e87695b3227978ad70b967b8d054baaf8ac2cced
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T17:03:55Z/
url https://github.com/ImageMagick/ImageMagick/commit/e87695b3227978ad70b967b8d054baaf8ac2cced
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r99p-5442-q2x2
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T17:03:55Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r99p-5442-q2x2
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-27799
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-27799
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442879
reference_id 2442879
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442879
10
reference_url https://github.com/advisories/GHSA-r99p-5442-q2x2
reference_id GHSA-r99p-5442-q2x2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r99p-5442-q2x2
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-27799, GHSA-r99p-5442-q2x2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fnck-7mvx-hqc9
13
url VCID-gdg8-aejn-83c4
vulnerability_id VCID-gdg8-aejn-83c4
summary 
ImageMagick: Policy bypass through path traversal allows reading restricted content despite secured policy
ImageMagick’s path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/* can be bypassed by a path traversal. The OS resolves the traversal and opens the sensitive file, but the policy matcher only sees the unnormalized path and therefore allows the read. This enables local file disclosure (LFI) even when policy-secure.xml is applied.

Actions to prevent reading from files have been taken. But it make sure writing is also not possible the following should be added to your policy:

```
<policy domain="path" rights="none" pattern="*../*"/>
```

And this will also be included in the project's more secure policies by default.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25965.json
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25965.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25965
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04515
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04488
published_at 2026-04-21T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04357
published_at 2026-04-18T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04348
published_at 2026-04-16T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04382
published_at 2026-04-13T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04398
published_at 2026-04-12T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04413
published_at 2026-04-11T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04419
published_at 2026-04-09T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04402
published_at 2026-04-08T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04369
published_at 2026-04-07T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04359
published_at 2026-04-04T12:55:00Z
11
value 0.00047
scoring_system epss
scoring_elements 0.14614
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25965
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25965
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25965
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8jvj-p28h-9gm7
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:28:41Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8jvj-p28h-9gm7
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25965
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25965
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442118
reference_id 2442118
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442118
9
reference_url https://github.com/advisories/GHSA-8jvj-p28h-9gm7
reference_id GHSA-8jvj-p28h-9gm7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8jvj-p28h-9gm7
10
reference_url https://access.redhat.com/errata/RHSA-2026:5573
reference_id RHSA-2026:5573
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5573
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25965, GHSA-8jvj-p28h-9gm7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gdg8-aejn-83c4
14
url VCID-jvq6-xjbu-fkb9
vulnerability_id VCID-jvq6-xjbu-fkb9
summary 
ImageMagick: Infinite loop vulnerability when parsing a PCD file
When a PCD file does not contain a valid marker, the DecodeImage() function becomes trapped in an infinite loop while searching for the marker, causing the program to become unresponsive and continuously consume CPU resources, ultimately leading to system resource exhaustion and denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24485.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24485.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24485
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04849
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04815
published_at 2026-04-21T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04674
published_at 2026-04-18T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04666
published_at 2026-04-16T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04698
published_at 2026-04-13T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04715
published_at 2026-04-12T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04733
published_at 2026-04-11T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04742
published_at 2026-04-09T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.0473
published_at 2026-04-08T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04682
published_at 2026-04-04T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04696
published_at 2026-04-07T12:55:00Z
11
value 0.00057
scoring_system epss
scoring_elements 0.17962
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24485
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24485
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24485
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:48:11Z/
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/332c1566acc2de77857032d3c2504ead6210ff50
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:48:11Z/
url https://github.com/ImageMagick/ImageMagick/commit/332c1566acc2de77857032d3c2504ead6210ff50
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pqgj-2p96-rx85
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:48:11Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pqgj-2p96-rx85
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-24485
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-24485
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442091
reference_id 2442091
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442091
10
reference_url https://github.com/advisories/GHSA-pqgj-2p96-rx85
reference_id GHSA-pqgj-2p96-rx85
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pqgj-2p96-rx85
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-24485, GHSA-pqgj-2p96-rx85
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jvq6-xjbu-fkb9
15
url VCID-kefv-kpkk-wudf
vulnerability_id VCID-kefv-kpkk-wudf
summary 
ImageMagick has Division-by-Zero in YUV sampling factor validation, which leads to crash
A logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resulting in a reliable denial-of-service.

```
coders/yuv.c:210:47: runtime error: division by zero
AddressSanitizer:DEADLYSIGNAL
=================================================================
==3543373==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000 (pc 0x55deeb4d723c bp 0x7fffc28d34d0 sp 0x7fffc28d3320 T0)
    #0 0x55deeb4d723c in ReadYUVImage coders/yuv.c:210
    #1 0x55deeb751dff in ReadImage MagickCore/constitute.c:743
    #2 0x55deeb756374 in ReadImages MagickCore/constitute.c:1082
    #3 0x55deec682375 in CLINoImageOperator MagickWand/operation.c:4959
    #4 0x55deec6887ed in CLIOption MagickWand/operation.c:5473
    #5 0x55deec32843b in ProcessCommandOptions MagickWand/magick-cli.c:653
    #6 0x55deec32b99b in MagickImageCommand MagickWand/magick-cli.c:1392
    #7 0x55deec324d58 in MagickCommandGenesis MagickWand/magick-cli.c:177
    #8 0x55deead82519 in MagickMain utilities/magick.c:162
    #9 0x55deead828be in main utilities/magick.c:193
    #10 0x7fb90807fd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #11 0x7fb90807fe3f in __libc_start_main_impl ../csu/libc-start.c:392
    #12 0x55deead81974 in _start (/data/ylwang/LargeScan/targets/ImageMagick/utilities/magick+0x22fb974)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: UNKNOWN SIGNAL coders/yuv.c:210 in ReadYUVImage
==3543373==ABORTING
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25799.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25799.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25799
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05294
published_at 2026-04-24T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05259
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05106
published_at 2026-04-18T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05102
published_at 2026-04-16T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05159
published_at 2026-04-13T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05172
published_at 2026-04-12T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05189
published_at 2026-04-11T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05219
published_at 2026-04-09T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05202
published_at 2026-04-08T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05168
published_at 2026-04-07T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05147
published_at 2026-04-04T12:55:00Z
11
value 0.0006
scoring_system epss
scoring_elements 0.19061
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25799
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25799
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/49000e7298fbfdd759ac2c46f740f40c2e9b7452
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/49000e7298fbfdd759ac2c46f740f40c2e9b7452
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-543g-8grm-9cw6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:22:05Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-543g-8grm-9cw6
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25799
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25799
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442120
reference_id 2442120
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442120
10
reference_url https://github.com/advisories/GHSA-543g-8grm-9cw6
reference_id GHSA-543g-8grm-9cw6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-543g-8grm-9cw6
11
reference_url https://usn.ubuntu.com/8127-1/
reference_id USN-8127-1
reference_type
scores
url https://usn.ubuntu.com/8127-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25799, GHSA-543g-8grm-9cw6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kefv-kpkk-wudf
16
url VCID-p5aw-n691-nkff
vulnerability_id VCID-p5aw-n691-nkff
summary 
ImageMagick: MSL image stack index may fail to refresh, leading to leaked images
Sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks.

```
==841485==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 13512 byte(s) in 1 object(s) allocated from:
    #0 0x7ff330759887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25988.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25988.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25988
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06578
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06663
published_at 2026-04-11T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06671
published_at 2026-04-09T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06558
published_at 2026-04-02T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06594
published_at 2026-04-04T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06628
published_at 2026-04-08T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06724
published_at 2026-04-24T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06726
published_at 2026-04-21T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06568
published_at 2026-04-18T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06577
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06647
published_at 2026-04-13T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06656
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25988
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25988
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25988
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/4354fc1d554ec2e6314aed13536efa7bde9593d2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/4354fc1d554ec2e6314aed13536efa7bde9593d2
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-782x-jh29-9mf7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:08:10Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-782x-jh29-9mf7
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25988
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25988
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442101
reference_id 2442101
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442101
10
reference_url https://github.com/advisories/GHSA-782x-jh29-9mf7
reference_id GHSA-782x-jh29-9mf7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-782x-jh29-9mf7
11
reference_url https://usn.ubuntu.com/8127-1/
reference_id USN-8127-1
reference_type
scores
url https://usn.ubuntu.com/8127-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25988, GHSA-782x-jh29-9mf7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p5aw-n691-nkff
17
url VCID-pcme-bwan-3bcf
vulnerability_id VCID-pcme-bwan-3bcf
summary 
ImageMagick has NULL Pointer Dereference in ClonePixelCacheRepository via crafted image
A NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted image file, resulting in Denial of Service.

```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==3704942==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000 (pc 0x7f9d141239e0 bp 0x7ffd4c5711e0 sp 0x7ffd4c571148 T0)
    #0 0x7f9d141239e0  (/lib/x86_64-linux-gnu/libc.so.6+0xc49e0)
    #1 0x558a25e4f08d in ClonePixelCacheRepository._omp_fn.0 MagickCore/cache.c:784
    #2 0x7f9d14c06a15 in GOMP_parallel (/lib/x86_64-linux-gnu/libgomp.so.1+0x14a15)
    #3 0x558a25e43151 in ClonePixelCacheRepository MagickCore/cache.c:753
    #4 0x558a25e49a96 in OpenPixelCache MagickCore/cache.c:3849
    #5 0x558a25e45117 in GetImagePixelCache MagickCore/cache.c:1829
    #6 0x558a25e4dde3 in SyncImagePixelCache MagickCore/cache.c:5647
    #7 0x558a256ba57d in SetImageExtent MagickCore/image.c:2713
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25798.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25798.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25798
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.19314
published_at 2026-04-24T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19416
published_at 2026-04-21T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.19401
published_at 2026-04-18T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19393
published_at 2026-04-16T12:55:00Z
4
value 0.00063
scoring_system epss
scoring_elements 0.19433
published_at 2026-04-13T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.19491
published_at 2026-04-12T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.19538
published_at 2026-04-11T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.19535
published_at 2026-04-09T12:55:00Z
8
value 0.00063
scoring_system epss
scoring_elements 0.19483
published_at 2026-04-08T12:55:00Z
9
value 0.00063
scoring_system epss
scoring_elements 0.19405
published_at 2026-04-07T12:55:00Z
10
value 0.00063
scoring_system epss
scoring_elements 0.19683
published_at 2026-04-04T12:55:00Z
11
value 0.00152
scoring_system epss
scoring_elements 0.35968
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25798
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25798
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/e046417675d5c26e5f48816851a406c121c77469
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/e046417675d5c26e5f48816851a406c121c77469
7
reference_url https://github.com/ImageMagick/ImageMagick/issues/8567
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/issues/8567
8
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p863-5fgm-rgq4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:20:58Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p863-5fgm-rgq4
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25798
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25798
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442119
reference_id 2442119
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442119
11
reference_url https://github.com/advisories/GHSA-p863-5fgm-rgq4
reference_id GHSA-p863-5fgm-rgq4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p863-5fgm-rgq4
12
reference_url https://usn.ubuntu.com/8127-1/
reference_id USN-8127-1
reference_type
scores
url https://usn.ubuntu.com/8127-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25798, GHSA-p863-5fgm-rgq4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pcme-bwan-3bcf
18
url VCID-ruf5-255v-sfdb
vulnerability_id VCID-ruf5-255v-sfdb
summary 
ImageMagick: Out of bounds read in multiple coders read raw pixel data
A heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extract dimensions larger than -size dimensions, causing out-of-bounds memory reads from a heap-allocated buffer.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25576.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25576.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25576
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.0283
published_at 2026-04-02T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00307
published_at 2026-04-21T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00285
published_at 2026-04-16T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00287
published_at 2026-04-13T12:55:00Z
4
value 6e-05
scoring_system epss
scoring_elements 0.00288
published_at 2026-04-18T12:55:00Z
5
value 6e-05
scoring_system epss
scoring_elements 0.0029
published_at 2026-04-09T12:55:00Z
6
value 6e-05
scoring_system epss
scoring_elements 0.00291
published_at 2026-04-11T12:55:00Z
7
value 6e-05
scoring_system epss
scoring_elements 0.00293
published_at 2026-04-07T12:55:00Z
8
value 6e-05
scoring_system epss
scoring_elements 0.00302
published_at 2026-04-04T12:55:00Z
9
value 6e-05
scoring_system epss
scoring_elements 0.00308
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25576
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25576
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25576
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:54:37Z/
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:54:37Z/
url https://github.com/ImageMagick/ImageMagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-jv4p-gjwq-9r2j
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:54:37Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-jv4p-gjwq-9r2j
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25576
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25576
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442093
reference_id 2442093
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442093
10
reference_url https://github.com/advisories/GHSA-jv4p-gjwq-9r2j
reference_id GHSA-jv4p-gjwq-9r2j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jv4p-gjwq-9r2j
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25576, GHSA-jv4p-gjwq-9r2j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ruf5-255v-sfdb
19
url VCID-sd54-b8z1-2fg7
vulnerability_id VCID-sd54-b8z1-2fg7
summary 
ImageMagick: Integer overflow or wraparound and incorrect conversion between numeric types in the internal SVG decoder
A crafted SVG file can cause a denial of service. An off-by-one boundary check (`>` instead of `>=`) that allows bypass the guard and reach an undefined `(size_t)` cast.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25989.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25989.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25989
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05261
published_at 2026-04-24T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05228
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05076
published_at 2026-04-18T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05071
published_at 2026-04-16T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05124
published_at 2026-04-13T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05137
published_at 2026-04-12T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05154
published_at 2026-04-11T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05183
published_at 2026-04-09T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05167
published_at 2026-04-08T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05133
published_at 2026-04-07T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05082
published_at 2026-04-02T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05112
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25989
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25989
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/5a545ab9d6c3d12a6a76cfed32b87df096729d95
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/5a545ab9d6c3d12a6a76cfed32b87df096729d95
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7355-pwx2-pm84
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:08:53Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7355-pwx2-pm84
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25989
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25989
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442136
reference_id 2442136
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442136
10
reference_url https://github.com/advisories/GHSA-7355-pwx2-pm84
reference_id GHSA-7355-pwx2-pm84
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7355-pwx2-pm84
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25989, GHSA-7355-pwx2-pm84
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sd54-b8z1-2fg7
20
url VCID-sdc2-fcap-abaz
vulnerability_id VCID-sdc2-fcap-abaz
summary 
ImageMagick has Heap Out-of-Bounds Read in DCM Decoder (ReadDCMImage)
A heap out-of-bounds read vulnerability exists in the `coders/dcm.c` module. When processing DICOM files with a specific configuration, the decoder loop incorrectly reads bytes per iteration. This causes the function to read past the end of the allocated buffer, potentially leading to a Denial of Service (crash) or Information Disclosure (leaking heap memory into the image).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25982.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25982.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25982
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04223
published_at 2026-04-24T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04211
published_at 2026-04-21T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04092
published_at 2026-04-18T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04084
published_at 2026-04-16T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04142
published_at 2026-04-12T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04156
published_at 2026-04-11T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04176
published_at 2026-04-09T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04162
published_at 2026-04-08T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.04116
published_at 2026-04-13T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.0413
published_at 2026-04-07T12:55:00Z
10
value 0.00053
scoring_system epss
scoring_elements 0.16707
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25982
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25982
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25982
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pmq6-8289-hx3v
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:03:44Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pmq6-8289-hx3v
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25982
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25982
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442124
reference_id 2442124
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442124
9
reference_url https://github.com/advisories/GHSA-pmq6-8289-hx3v
reference_id GHSA-pmq6-8289-hx3v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pmq6-8289-hx3v
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25982, GHSA-pmq6-8289-hx3v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sdc2-fcap-abaz
21
url VCID-vpdn-g1k9-1kdn
vulnerability_id VCID-vpdn-g1k9-1kdn
summary 
ImageMagick has heap buffer overflow in YUV 4:2:2 decoder
A heap buffer overflow write vulnerability exists in ReadYUVImage() (coders/yuv.c) when processing malicious YUV 4:2:2 (NoInterlace) images. The pixel-pair loop writes one pixel beyond the allocated row buffer.

```
=================================================================
==204642==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5170000002e0 at pc 0x562d21a7e8de bp 0x7fffa9ae1270 sp 0x7fffa9ae1260
WRITE of size 8 at 0x5170000002e0 thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25986.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25986.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25986
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.0725
published_at 2026-04-24T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07292
published_at 2026-04-21T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07168
published_at 2026-04-18T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07174
published_at 2026-04-16T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07243
published_at 2026-04-13T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07252
published_at 2026-04-12T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07266
published_at 2026-04-11T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07269
published_at 2026-04-09T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07242
published_at 2026-04-08T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07208
published_at 2026-04-04T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07188
published_at 2026-04-07T12:55:00Z
11
value 0.00061
scoring_system epss
scoring_elements 0.19294
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25986
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25986
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25986
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mqfc-82jx-3mr2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:06:36Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mqfc-82jx-3mr2
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25986
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25986
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442111
reference_id 2442111
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442111
9
reference_url https://github.com/advisories/GHSA-mqfc-82jx-3mr2
reference_id GHSA-mqfc-82jx-3mr2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mqfc-82jx-3mr2
10
reference_url https://usn.ubuntu.com/8069-1/
reference_id USN-8069-1
reference_type
scores
url https://usn.ubuntu.com/8069-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25986, GHSA-mqfc-82jx-3mr2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpdn-g1k9-1kdn
22
url VCID-y4hn-6bv6-jugw
vulnerability_id VCID-y4hn-6bv6-jugw
summary 
ImageMagick: MSL attribute stack buffer overflow leads to out of bounds write.
A stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption.

```
=================================================================
==278522==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffdb8c76984 at pc 0x55a4bf16f507 bp 0x7ffdb8c75bc0 sp 0x7ffdb8c75bb0
WRITE of size 1 at 0x7ffdb8c76984 thread T0
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25968.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25968.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25968
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.18969
published_at 2026-04-24T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.19294
published_at 2026-04-02T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.19346
published_at 2026-04-04T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.19061
published_at 2026-04-07T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19141
published_at 2026-04-08T12:55:00Z
5
value 0.00061
scoring_system epss
scoring_elements 0.19194
published_at 2026-04-09T12:55:00Z
6
value 0.00061
scoring_system epss
scoring_elements 0.19201
published_at 2026-04-11T12:55:00Z
7
value 0.00061
scoring_system epss
scoring_elements 0.19155
published_at 2026-04-12T12:55:00Z
8
value 0.00061
scoring_system epss
scoring_elements 0.191
published_at 2026-04-13T12:55:00Z
9
value 0.00061
scoring_system epss
scoring_elements 0.19059
published_at 2026-04-16T12:55:00Z
10
value 0.00061
scoring_system epss
scoring_elements 0.1907
published_at 2026-04-18T12:55:00Z
11
value 0.00061
scoring_system epss
scoring_elements 0.19079
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25968
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25968
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25968
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3mwp-xqp2-q6ph
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3mwp-xqp2-q6ph
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25968
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25968
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442125
reference_id 2442125
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442125
9
reference_url https://github.com/advisories/GHSA-3mwp-xqp2-q6ph
reference_id GHSA-3mwp-xqp2-q6ph
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3mwp-xqp2-q6ph
10
reference_url https://usn.ubuntu.com/8069-1/
reference_id USN-8069-1
reference_type
scores
url https://usn.ubuntu.com/8069-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25968, GHSA-3mwp-xqp2-q6ph
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y4hn-6bv6-jugw
23
url VCID-yx7r-r7ez-7uhp
vulnerability_id VCID-yx7r-r7ez-7uhp
summary 
ImageMagick: Code Injection via PostScript header in ps coders
The ps encoders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header.  An attacker can provide a malicious file and inject arbitrary PostScript code. When the resulting file is processed by a printer or a viewer (like Ghostscript), the injected code is interpreted and executed.

The html encoder does not properly escape strings that are written to in the html document. An attacker can provide a malicious file and injection arbitrary html code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25797.json
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25797.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25797
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.068
published_at 2026-04-02T12:55:00Z
1
value 8e-05
scoring_system epss
scoring_elements 0.00823
published_at 2026-04-21T12:55:00Z
2
value 8e-05
scoring_system epss
scoring_elements 0.00779
published_at 2026-04-18T12:55:00Z
3
value 8e-05
scoring_system epss
scoring_elements 0.00775
published_at 2026-04-16T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.00774
published_at 2026-04-12T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00786
published_at 2026-04-09T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.0079
published_at 2026-04-08T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00789
published_at 2026-04-04T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.0078
published_at 2026-04-11T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.00826
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25797
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25797
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/26088a83d71e9daa203d54a56fe3c31f3f85463d
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/26088a83d71e9daa203d54a56fe3c31f3f85463d
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rw6c-xp26-225v
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:13:11Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rw6c-xp26-225v
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25797
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25797
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442106
reference_id 2442106
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442106
10
reference_url https://github.com/advisories/GHSA-rw6c-xp26-225v
reference_id GHSA-rw6c-xp26-225v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rw6c-xp26-225v
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25797, GHSA-rw6c-xp26-225v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yx7r-r7ez-7uhp
24
url VCID-z9t9-bxf9-hkfk
vulnerability_id VCID-z9t9-bxf9-hkfk
summary 
ImageMagick has memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-return paths
### Summary

In `ReadSTEGANOImage()` (`coders/stegano.c`), the `watermark` Image object is not freed on three early-return paths, resulting in a definite memory leak (~13.5KB+ per invocation) that can be exploited for denial of service.

```
Direct leak of 13512 byte(s) in 1 object(s) allocated from:
    #0 0x7f5c11e27887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x55cdc38f65c4 in AcquireMagickMemory MagickCore/memory.c:536
    #2 0x55cdc38f65eb in AcquireCriticalMemory MagickCore/memory.c:612
    #3 0x55cdc3899e91 in AcquireImage MagickCore/image.c:154
```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25796.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25796.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-25796
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07047
published_at 2026-04-07T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07111
published_at 2026-04-13T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.0712
published_at 2026-04-12T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07131
published_at 2026-04-11T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07133
published_at 2026-04-09T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07072
published_at 2026-04-04T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07101
published_at 2026-04-08T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07128
published_at 2026-04-24T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07163
published_at 2026-04-21T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07031
published_at 2026-04-18T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07048
published_at 2026-04-16T12:55:00Z
11
value 0.0006
scoring_system epss
scoring_elements 0.18987
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-25796
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25796
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
5
reference_url https://github.com/ImageMagick/ImageMagick
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick
6
reference_url https://github.com/ImageMagick/ImageMagick/commit/93ad259ce4f6d641eea0bee73f374af90f35efc3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ImageMagick/ImageMagick/commit/93ad259ce4f6d641eea0bee73f374af90f35efc3
7
reference_url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-g2pr-qxjg-7r2w
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:11:19Z/
url https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-g2pr-qxjg-7r2w
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-25796
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-25796
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442112
reference_id 2442112
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442112
10
reference_url https://github.com/advisories/GHSA-g2pr-qxjg-7r2w
reference_id GHSA-g2pr-qxjg-7r2w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g2pr-qxjg-7r2w
11
reference_url https://usn.ubuntu.com/8127-1/
reference_id USN-8127-1
reference_type
scores
url https://usn.ubuntu.com/8127-1/
fixed_packages
0
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eb4u-x1mt-2uan
11
vulnerability VCID-eeju-vhdm-aqbe
12
vulnerability VCID-egwu-28fp-dye6
13
vulnerability VCID-g41y-dv8u-3yf1
14
vulnerability VCID-g679-q851-xub7
15
vulnerability VCID-j6tc-f4fc-mbcv
16
vulnerability VCID-jc5m-7rvc-2qg6
17
vulnerability VCID-jcjk-s89c-mbbm
18
vulnerability VCID-n47w-r932-abey
19
vulnerability VCID-qjxn-gm96-7ygc
20
vulnerability VCID-r3vw-ncns-cqgb
21
vulnerability VCID-rbdg-vz8x-ykah
22
vulnerability VCID-rjkf-pdny-2fhn
23
vulnerability VCID-sw7g-hxxr-n3e1
24
vulnerability VCID-tt6z-t31v-dkdd
25
vulnerability VCID-tv15-dcnu-pbbn
26
vulnerability VCID-utfe-h3b7-jqcj
27
vulnerability VCID-uvkp-1zss-57gr
28
vulnerability VCID-w9zg-tsbg-afa1
29
vulnerability VCID-x8c6-9pse-xkc8
30
vulnerability VCID-y58b-be93-hbfd
31
vulnerability VCID-zab9-9tqj-hbhg
32
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4%3Fdistro=trixie
1
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1cpn-zvem-v7gt
1
vulnerability VCID-2zje-ag2v-7kac
2
vulnerability VCID-381g-7gdr-qydg
3
vulnerability VCID-441f-z9bp-vbdu
4
vulnerability VCID-54da-fzyt-4ud2
5
vulnerability VCID-6h7x-3rue-kucp
6
vulnerability VCID-6v1d-1wfr-vqd1
7
vulnerability VCID-7gb9-gd78-7bdu
8
vulnerability VCID-a2qm-vkc3-qkd5
9
vulnerability VCID-cuhw-ew1g-s3h2
10
vulnerability VCID-eeju-vhdm-aqbe
11
vulnerability VCID-egwu-28fp-dye6
12
vulnerability VCID-g41y-dv8u-3yf1
13
vulnerability VCID-g679-q851-xub7
14
vulnerability VCID-j6tc-f4fc-mbcv
15
vulnerability VCID-jc5m-7rvc-2qg6
16
vulnerability VCID-jcjk-s89c-mbbm
17
vulnerability VCID-n47w-r932-abey
18
vulnerability VCID-qjxn-gm96-7ygc
19
vulnerability VCID-r3vw-ncns-cqgb
20
vulnerability VCID-rbdg-vz8x-ykah
21
vulnerability VCID-rjkf-pdny-2fhn
22
vulnerability VCID-sw7g-hxxr-n3e1
23
vulnerability VCID-tt6z-t31v-dkdd
24
vulnerability VCID-tv15-dcnu-pbbn
25
vulnerability VCID-utfe-h3b7-jqcj
26
vulnerability VCID-uvkp-1zss-57gr
27
vulnerability VCID-w9zg-tsbg-afa1
28
vulnerability VCID-x8c6-9pse-xkc8
29
vulnerability VCID-y58b-be93-hbfd
30
vulnerability VCID-zab9-9tqj-hbhg
31
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8%3Fdistro=trixie
5
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-a2qm-vkc3-qkd5
7
vulnerability VCID-eeju-vhdm-aqbe
8
vulnerability VCID-egwu-28fp-dye6
9
vulnerability VCID-j6tc-f4fc-mbcv
10
vulnerability VCID-jc5m-7rvc-2qg6
11
vulnerability VCID-qjxn-gm96-7ygc
12
vulnerability VCID-tt6z-t31v-dkdd
13
vulnerability VCID-uvkp-1zss-57gr
14
vulnerability VCID-w9zg-tsbg-afa1
15
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u5%3Fdistro=trixie
6
url pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u6%3Fdistro=trixie
7
url pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.15%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.15%252Bdfsg1-1%3Fdistro=trixie
8
url pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.16%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jc5m-7rvc-2qg6
1
vulnerability VCID-tt6z-t31v-dkdd
2
vulnerability VCID-zvq4-ybph-buga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.16%252Bdfsg1-1%3Fdistro=trixie
9
url pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.18%2Bdfsg1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2yv5-qdeg-9bag
1
vulnerability VCID-381g-7gdr-qydg
2
vulnerability VCID-441f-z9bp-vbdu
3
vulnerability VCID-4s37-h3p7-6uab
4
vulnerability VCID-6v1d-1wfr-vqd1
5
vulnerability VCID-7gb9-gd78-7bdu
6
vulnerability VCID-eeju-vhdm-aqbe
7
vulnerability VCID-egwu-28fp-dye6
8
vulnerability VCID-j6tc-f4fc-mbcv
9
vulnerability VCID-qjxn-gm96-7ygc
10
vulnerability VCID-uvkp-1zss-57gr
11
vulnerability VCID-w9zg-tsbg-afa1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.18%252Bdfsg1-1%3Fdistro=trixie
10
url pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1%3Fdistro=trixie
aliases CVE-2026-25796, GHSA-g2pr-qxjg-7r2w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z9t9-bxf9-hkfk
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7%3Fdistro=trixie