CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-33901 – ImageMagick has a Heap Buffer Overflow via MVG decoder
https://notcve.org/view.php?id=CVE-2026-33901
13 Apr 2026 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. • https://github.com/ImageMagick/ImageMagick/commit/4c72003e9e54a4ebaa938d239e75f5d285527ebe • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2026-33900 – ImageMagick has a Heap overflow caused by integer overflow/wraparound in viff encoder on 32-bit builds
https://notcve.org/view.php?id=CVE-2026-33900
13 Apr 2026 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the viff encoder contains an integer truncation/wraparound issue on 32-bit builds that could trigger an out of bounds heap write, potentially causing a crash. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. • https://github.com/ImageMagick/ImageMagick/commit/d27b840a61b322419a66d0d192ff56d52498148d • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2026-33899 – ImageMagick: Heap BufferOverflow write of single zero byte when parsing XML
https://notcve.org/view.php?id=CVE-2026-33899
13 Apr 2026 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when `Magick` parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. • https://github.com/ImageMagick/ImageMagick/commit/ae679e2fd19ec656bfab9f822ae4cf06bf91604d • CWE-122: Heap-based Buffer Overflow CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2026-33536 – ImageMagick has an Out-of-bounds Write via InterpretImageFilename
https://notcve.org/view.php?id=CVE-2026-33536
26 Mar 2026 — ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds write. Versions 7.1.2-18 and 6.9.13-43 patch the issue. ImageMagick es un software libre y de código abierto utilizado para editar y manipular imágenes digitales. Antes de 7.1.2-18 y 6.9.13-43, debido a un valor de re... • https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-33535 – ImageMagick has an Out-of-Bounds write of a zero byte in its X11 display interaction
https://notcve.org/view.php?id=CVE-2026-33535
26 Mar 2026 — ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 `display` interaction path that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the issue. ImageMagick es un software libre y de código abierto utilizado para editar y manipular imágenes digitales. Antes de 7.1.2-18 y 6.9.13-43, existía una escritura fuera de límites de un byte cero en la ruta de interacción 'disp... • https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mw3m-pqr2-qv7c • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-32636 – ImageMagick has a heap-buffer-overflow in NewXMLTree which could result in crash
https://notcve.org/view.php?id=CVE-2026-32636
18 Mar 2026 — ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-17 and 6.9.13-42, the NewXMLTree method contains a bug that could result in a crash due to an out of write bounds of a single zero byte. Versions 7.1.2-17 and 6.9.13-42 fix the issue. ImageMagick es software libre y de código abierto utilizado para editar y manipular imágenes digitales. Antes de las versiones 7.1.2-17 y 6.9.13-42, el método NewXMLTree contiene un error que podría provocar un bloqueo... • https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-17 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2026-32259 – ImageMagick has a possible stack buffer overflow in sixel encoder
https://notcve.org/view.php?id=CVE-2026-32259
12 Mar 2026 — ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, when a memory allocation fails in the sixel encoder it would be possible to write past the end of a buffer on the stack. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. ImageMagick es software libre y de código abierto utilizado para editar y manipular imágenes digitales. Antes de 7.1.2-16 y 6.9.13-41, cuando una asignación de memoria falla en el codificador sixel, sería pos... • https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-49hx-7656-jpg3 • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.7EPSS: 0%CPEs: 2EXPL: 0CVE-2026-31853 – ImageMagick has a heap buffer over-write on 32-bit systems in SFW decoder
https://notcve.org/view.php?id=CVE-2026-31853
11 Mar 2026 — ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, an overflow on 32-bit systems can cause a crash in the SFW decoder when processing extremely large images. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. • https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-56jp-jfqg-f8f4 • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2026-30937 – ImageMagick has a heap buffer overflow in WriteXWDImage due to CARD32 arithmetic overflow in bytes_per_line calculation
https://notcve.org/view.php?id=CVE-2026-30937
09 Mar 2026 — ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a 32-bit unsigned integer overflow in the XWD (X Windows) encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of bounds heap write can occur. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. ImageMagick es un software libre y de código abierto utilizado para editar y manipular imágenes digitales. • https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qpg4-j99f-8xcg • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2026-30936 – ImageMagick has a heap Buffer Overflow in WaveletDenoiseImage
https://notcve.org/view.php?id=CVE-2026-30936
09 Mar 2026 — ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. ImageMagick es un software libre y de código abierto utilizado para editar y manipular imágenes digitales. • https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5ggv-92r5-cp4p • CWE-122: Heap-based Buffer Overflow •