Search for vulnerabilities
| Vulnerability ID | VCID-r1wz-w1et-27fu |
| Aliases |
CVE-2026-25968
GHSA-3mwp-xqp2-q6ph |
| Summary | ImageMagick: MSL attribute stack buffer overflow leads to out of bounds write. A stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. ``` ================================================================= ==278522==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffdb8c76984 at pc 0x55a4bf16f507 bp 0x7ffdb8c75bc0 sp 0x7ffdb8c75bb0 WRITE of size 1 at 0x7ffdb8c76984 thread T0 ``` |
| Status | Published |
| Exploitability | None |
| Weighted Severity | None |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| epss | 0.00064 | https://api.first.org/data/v1/epss?cve=CVE-2026-25968 |
| cvssv3.1_qr | HIGH | https://github.com/advisories/GHSA-3mwp-xqp2-q6ph |
| cvssv3.1_qr | HIGH | https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3mwp-xqp2-q6ph |
| Reference id | Reference type | URL |
|---|---|---|
| https://api.first.org/data/v1/epss?cve=CVE-2026-25968 | ||
| https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3 | ||
| https://github.com/ImageMagick/ImageMagick | ||
| CVE-2026-25968 | https://nvd.nist.gov/vuln/detail/CVE-2026-25968 | |
| GHSA-3mwp-xqp2-q6ph | https://github.com/advisories/GHSA-3mwp-xqp2-q6ph | |
| GHSA-3mwp-xqp2-q6ph | https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3mwp-xqp2-q6ph |
| Percentile | 0.20065 |
| EPSS Score | 0.00064 |
| Published At | May 30, 2026, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-05-30T21:07:50.835035+00:00 | GitLab Importer | Import | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Magick.NET-Q8-arm64/CVE-2026-25968.yml | 38.6.0 |