Total CVEs

143,208

Critical Severity

4,054

High Severity

14,598

Last 7 Days

1,280
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 41 - 60 of 138 CVEs
CVE-2026-46692 MEDIUM - 4.1

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process. This issue has been patched in versions...

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 22, 2026
Source: GitHub
CVE-2026-46559 MEDIUM - 4.0

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options. This issue has been patched in versions 6....

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-46557 MEDIUM - 6.2

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-23, due to a missing depth check a stack overflow can occur in the fx operation by passing a crafted argument. This issue has been patched in version 7.1.2-23.

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-46523 MEDIUM - 6.2

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue.

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-46522 HIGH - 7.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the issue.

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-46521 MEDIUM - 5.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in versions 6.9.13-48 and 7.1....

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-46520 HIGH - 7.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions 6.9.13-48 and 7.1.2-23.

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-45664 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use. Th...

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-45624 MEDIUM - 5.1

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a polynomial distortion an out of bounds over-read of 24 bytes can occur when specifying specific arguments. This issue has been patched in version...

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-45031 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, due to a missing check in the PSD decoder it would be possible to bypass the list-length resource policy when decoding a PSD image. Other security limits would sti...

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-45358 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an off by one in the meta encoder could result in an out of bounds read of a single byte in the meta encoder. This issue has been patched in versions 6.9.13-47 and...

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-45359 MEDIUM - 5.7

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been patc...

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-42326 MEDIUM - 5.1

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte. This issue has been patched in versions 6.9.13-47 and 7...

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: May 18, 2026
Source: GitHub
CVE-2026-42050 MEDIUM - 5.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerability i...

Vendor: ImageMagick
Product: ImageMagick
Published: May 11, 2026
Source: NVD
CVE-2026-41247 CRITICAL - 9.8

elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.67, elFinder contains a command injection vulnerability in the resize command. The bg (background color) parameter is accepted from user input and passed through image resize/rotate processing. In co...

Vendor: Studio-42
Product: elFinder
Published: Apr 23, 2026
Source: NVD
CVE-2026-40312 MEDIUM - 6.2

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue has been fixed in version 7.1.2-19.

Vendor: ImageMagick
Product: ImageMagick
Published: Apr 13, 2026
Source: NVD
CVE-2026-40311 MEDIUM - 5.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when reading and printing values from an invalid XMP profile. This issue has been fixed in versions ...

Vendor: ImageMagick
Product: ImageMagick
Published: Apr 13, 2026
Source: NVD
CVE-2026-40310 MEDIUM - 5.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index. This issue has been fixed in versions 6.9.13-44 and 7...

Vendor: ImageMagick
Product: ImageMagick
Published: Apr 13, 2026
Source: NVD
CVE-2026-40183 MEDIUM - 5.5

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, the JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats. This issue has been fixed in version 7.1.2-19.

Vendor: ImageMagick
Product: ImageMagick
Published: Apr 13, 2026
Source: NVD
CVE-2026-40169 MEDIUM - 6.2

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json output, resulting in a crash. This issue has been fixed in version 7.1.2-19.

Vendor: ImageMagick
Product: ImageMagick
Published: Apr 13, 2026
Source: NVD