Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

imagemagick — Vulnerabilities & Security Advisories 168

All 168 CVE vulnerabilities found in imagemagick, with AI-generated Chinese analysis, references, and POCs.

This page catalogs common weaknesses and vulnerabilities associated with ImageMagick, specifically focusing on security flaws in this widely used image processing library. It aggregates data from various sources to provide a comprehensive view of the risks affecting this software. The collection includes diverse vulnerability types such as buffer overflows, remote code execution paths, denial-of-service conditions, and privilege escalation issues. The timeline of recorded incidents spans from the early development stages of the project through to recent updates, ensuring coverage of both legacy and modern security concerns. This range allows analysts to observe how threat vectors have evolved alongside the product’s feature set and deployment methods. Visitors to this page can track vendor advisories issued by the ImageMagick team to stay informed about critical patches and mitigation strategies. Users can also gain a deeper understanding of specific weakness classes by examining how they manifest within the context of image decoding and manipulation routines. Furthermore, the database serves as a historical record for auditing purposes, enabling security professionals to look up a product’s vulnerability history and assess long-term risk profiles. By centralizing this information, the page facilitates better risk management and informed decision-making for organizations relying on ImageMagick for their graphics processing workflows.

Vendor: ImageMagick

CVE IDTitleCVSSSeverityPublished
CVE-2026-42050 ImageMagick: Stack buffer overflow in XTileImage CWE-121 5.5 Medium2026-05-11
CVE-2026-40312 ImageMagick: Off-by-One in MSL decoder could result in crash CWE-193 6.2 Medium2026-04-13
CVE-2026-40311 ImageMagick: Heap-use-after-free via XMP profile could result in a crash when printing values CWE-416 5.5 Medium2026-04-13
CVE-2026-40310 ImageMagick: Heap out-of-bounds write in JP2 encoder CWE-122 5.5 Medium2026-04-13
CVE-2026-40183 ImageMagick: Heap buffer overflow when encoding JXL image with a 16-bit float CWE-122 5.5 Medium2026-04-13
CVE-2026-40169 ImageMagick: Heap buffer overflow (WRITE) in the YAML and JSON encoders CWE-122 6.2 Medium2026-04-13
CVE-2026-34238 ImageMagick: Integer overflow in despeckle operation causes heap buffer overflow on 32-bit builds CWE-190 5.1 Medium2026-04-13
CVE-2026-33908 ImageMagick is vulnerable to Stack Overflow in DestroyXMLTree() CWE-674 7.5 High2026-04-13
CVE-2026-33905 ImageMagick has an Out-of-Bounds read via -sample operation CWE-125 5.5 Medium2026-04-13
CVE-2026-33902 ImageMagick: Stack Overflow via Recursive FX Expression Parsing CWE-674 5.5 Medium2026-04-13
CVE-2026-33901 ImageMagick has a Heap Buffer Overflow via MVG decoder CWE-122 7.5 High2026-04-13
CVE-2026-33900 ImageMagick has a Heap overflow caused by integer overflow/wraparound in viff encoder on 32-bit builds CWE-190 5.9 Medium2026-04-13
CVE-2026-33899 ImageMagick: Heap BufferOverflow write of single zero byte when parsing XML CWE-122 5.3 Medium2026-04-13
CVE-2026-33536 ImageMagick has an Out-of-bounds Write via InterpretImageFilename CWE-787 5.1 Medium2026-03-26
CVE-2026-33535 ImageMagick has an Out-of-Bounds write of a zero byte in its X11 display interaction CWE-787 4.0 Medium2026-03-26
CVE-2026-32636 ImageMagick has a heap-buffer-overflow in NewXMLTree which could result in crash CWE-787 5.3 Medium2026-03-18
CVE-2026-32259 ImageMagick has a possible stack buffer overflow in sixel encoder CWE-121 6.7 Medium2026-03-12
CVE-2026-31853 ImageMagick has a heap buffer over-write on 32-bit systems in SFW decoder CWE-122 5.7 Medium2026-03-11
CVE-2026-30937 ImageMagick has a heap buffer overflow in WriteXWDImage due to CARD32 arithmetic overflow in bytes_per_line calculation CWE-122 6.8 Medium2026-03-09
CVE-2026-30936 ImageMagick has a heap Buffer Overflow in WaveletDenoiseImage CWE-122 5.5 Medium2026-03-09
CVE-2026-30935 ImageMagick has a heap Buffer Over-Read in BilateralBlurImage CWE-125 4.4 Medium2026-03-09
CVE-2026-30931 ImageMagick has a heap-based buffer overflow in UHDR encoder CWE-122 6.8 Medium2026-03-09
CVE-2026-30929 ImageMagick has a stack buffer overflow in MagnifyImage CWE-121 7.7 High2026-03-09
CVE-2026-30883 ImageMagick has a Heap Overflow when writing extremely large image profile in the PNG encoder CWE-119 5.7 Medium2026-03-09
CVE-2026-28693 ImageMagick has an integer overflow in DIB coder can result in out of bounds read or write CWE-125 8.1 High2026-03-09
CVE-2026-28692 ImageMagick has a heap buffer over-read via 32-bit integer overflow in MAT decoder CWE-125 4.8 Medium2026-03-09
CVE-2026-28691 ImageMagick has an uninitialized pointer dereference in JBIG decoder CWE-252 7.5 High2026-03-09
CVE-2026-28690 ImageMagick has a stack write buffer overflow in MNG encoder CWE-121 6.9 Medium2026-03-09
CVE-2026-28689 ImageMagick has a Path Policy TOCTOU symlink race bypass CWE-59 6.3 Medium2026-03-09
CVE-2026-28688 ImageMagick has a heap use-after-free in the MSL encoder CWE-416 4.0 Medium2026-03-09

All 168 known CVE vulnerabilities affecting imagemagick with full Chinese analysis, references, and POCs where available.