Back to CVE List

CVE-2026-61859

LOW SEVERITY

CVSS Score & Metrics

Base Score
3.3 / 10
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Vulnerability Description

ImageMagick before 7.1.2-26 and 6.9.13-x before 6.9.13-51 contains a policy bypass vulnerability in the -script operation due to missing security policy checks. This allows reading files from paths that are otherwise disallowed by the configured security policy.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-59
Source
NVD
Vendor
ImageMagick
Product
ImageMagick

External References

Discussion (0)

Add Comment

No comments yet. Be the first!