Browse all 98 CVE security advisories affecting ImageMagick. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ImageMagick is a widely used open-source software suite for creating, editing, and composing bitmap images, serving as a foundational backend for numerous web applications and content management systems. Its extensive feature set and default configuration have historically introduced significant security risks, resulting in nearly one hundred recorded Common Vulnerabilities and Exposures. The most prevalent issues involve Remote Code Execution (RCE) and Denial of Service (DoS), often triggered by maliciously crafted image files that exploit buffer overflows or unsafe command-line argument parsing. While Cross-Site Scripting (XSS) and privilege escalation vulnerabilities have also been documented, RCE remains the primary threat vector due to the tool’s ability to process complex image formats. Major incidents, such as the "ImageTragick" vulnerability, highlighted critical flaws in how the software handles input, prompting widespread adoption of stricter security policies and configuration hardening across the industry to mitigate these inherent risks.
CVE-2019-101312026-04-18CVE-2019-110422026-04-18CVE-2020-26472026-04-18GHSA-26qp-ffjh-2x4v2026-04-18CVE-2026-259662026-02-24CVE-2026-258982026-02-24CVE-2026-259852026-02-24CVE-2026-256382026-02-24CVE-2026-256372026-02-24CVE-2026-257962026-02-24CVE-2026-255762026-02-24CVE-2026-244852026-02-24GHSA-39h3-g67r-7g3c2026-01-27CVE-2026-239522026-01-27CVE-2025-659552025-12-04CVE-2017-117522025-11-14DSA-4032-12025-11-12CVE-2018-164132025-11-12Showing up to 20 recent security advisories. View all →
This page lists every published CVE security advisory associated with ImageMagick. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.