CVE-2026-56379
NONE SEVERITYCVSS Score & Metrics
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Vulnerability Description
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-116
Source
NVD
Vendor
ImageMagick
Product
ImageMagick
Discussion (0)
Add Comment
No comments yet. Be the first!