Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-qp3p-n866-gycu
Vulnerability ID VCID-qp3p-n866-gycu
Aliases CVE-2026-26983
GHSA-w8mw-frc6-r7m8
Summary ImageMagick: Invalid MSL <map> can result in a use after free The MSL interpreter crashes when processing a invalid `<map>` element that causes it to use an image after it has been freed.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-476 NULL Pointer Dereference
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00017 https://api.first.org/data/v1/epss?cve=CVE-2026-26983
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-w8mw-frc6-r7m8
cvssv3.1_qr MODERATE https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-w8mw-frc6-r7m8
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2026-26983
https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
https://github.com/ImageMagick/ImageMagick
https://github.com/ImageMagick/ImageMagick/commit/7cfae4da24a995fb05386d77364ff404a7cca7bc
CVE-2026-26983 https://nvd.nist.gov/vuln/detail/CVE-2026-26983
GHSA-w8mw-frc6-r7m8 https://github.com/advisories/GHSA-w8mw-frc6-r7m8
GHSA-w8mw-frc6-r7m8 https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-w8mw-frc6-r7m8
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.04488
EPSS Score 0.00017
Published At May 30, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-30T21:06:47.607222+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Magick.NET-Q8-x86/CVE-2026-26983.yml 38.6.0