CVE-2026-61859
LOW SEVERITYCVSS Score & Metrics
Base Score
3.3 / 10
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Description
ImageMagick before 7.1.2-26 and 6.9.13-x before 6.9.13-51 contains a policy bypass vulnerability in the -script operation due to missing security policy checks. This allows reading files from paths that are otherwise disallowed by the configured security policy.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-59
Source
NVD
Vendor
ImageMagick
Product
ImageMagick
Discussion (0)
Add Comment
No comments yet. Be the first!