CVE-2026-23952

Medium CVSS: 6.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL (Magick Scripting Language) parser when processing <comment> tags before images are loaded. This can lead to DoS attack due to assertion failure (debug builds) or NULL pointer dereference (release builds). This issue is fixed in version 14.10.2.

Vendor

Imagemagick

Product

Imagemagick

CWE

CWE-476

Yayın Tarihi

2026-01-22 01:15:52

Güncelleme

2026-02-27 15:35:07

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-476 Imagemagick MEDIUM Imagemagick 2026

Referanslar

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5vx3-wx4q-6cj8 https://github.com/dlemstra/Magick.NET/releases/tag/14.10.2

Benzer Kayıtlar

Medium

CVE-2026-33535

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9…

Medium

CVE-2026-33536

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9…

Medium

CVE-2026-32636

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-17 and 6.9…

Medium

CVE-2026-32259

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9…

Medium

CVE-2026-31853

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9…

High

CVE-2026-30929

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-1…