5.9
CVE-2026-48994
- EPSS 0.23%
- Veröffentlicht 10.06.2026 21:58:14
- Zuletzt bearbeitet 11.06.2026 18:44:31
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
ImageMagick: Heap Buffer Over-Write in MAT decoder on 32-bit systems
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. This issue has been patched in versions 6.9.13-48 and 7.1.2-24.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Imagemagick ≫ Imagemagick Version < 6.9.13-48
Imagemagick ≫ Imagemagick Version >= 7.0.0-0 < 7.1.2-24
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.132 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-advisories@github.com | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-122 Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-4v89-6mgq-6rgc