Total CVEs

143,226

Critical Severity

4,056

High Severity

14,605

Last 7 Days

1,273
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 101 - 120 of 138 CVEs
CVE-2026-26283 MEDIUM - 6.2

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a `continue` statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger a...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-26066 MEDIUM - 6.2

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT`. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25989 HIGH - 7.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one boundary check (`>` instead of `>=`) that allows bypass the guard and reach an undefined `(si...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25988 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks. Versions 7.1.2-15 and 6.9.13-40 c...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25987 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory disclo...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25986 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer overflow write vulnerability exists in ReadYUVImage() (coders/yuv.c) when processing malicious YUV 4:2:2 (NoInterlace) images. The pixel-pair loop wr...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25985 HIGH - 7.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate ~674 GB of memory, leading to an out-of-memory abort. Versions 7.1.2-1...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25983 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it, leading...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25982 MEDIUM - 6.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap out-of-bounds read vulnerability exists in the `coders/dcm.c` module. When processing DICOM files with a specific configuration, the decoder loop incorrectl...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25971 MEDIUM - 6.2

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for circular references between two MSLs, leading to a stack overflow. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25970 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25969 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak exists in `coders/ashlar.c`. The `WriteASHLARImage` allocates a structure. However, when an exception is thrown, the allocated memory is not properly released, res...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25968 HIGH - 7.4

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versions ...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25967 HIGH - 7.4

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-based buffer overflow exists in the ImageMagick FTXT image reader. A crafted FTXT file can cause out-of-bounds writes on the stack, leading to a crash. Version 7.1.2-15 c...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25966 MEDIUM - 5.9

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd:<n> pseudo-filenames (e.g., fd:0, fd:1)...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25965 HIGH - 8.6

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagickโ€™s path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/* can be bypas...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25898 MEDIUM - 6.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index value returned by `GetPixelIndex()` before using it as an array subscript. In HDRI builds, `Quantum` ...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25897 MEDIUM - 6.5

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, an Integer Overflow vulnerability exists in the sun decoder. On 32-bit systems/builds, a carefully crafted image can lead to an out of bounds heap write. Versions ...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25799 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resulting i...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD
CVE-2026-25798 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted image f...

Vendor: ImageMagick
Product: ImageMagick
Published: Feb 24, 2026
Source: NVD