5.9
CVE-2026-55577
- EPSS 0.23%
- Veröffentlicht 01.07.2026 19:16:54
- Zuletzt bearbeitet 02.07.2026 19:30:48
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
ImageMagick: Heap Buffer Overflow in ImageMagick MVG decoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Imagemagick ≫ Imagemagick Version < 6.9.13-51
Imagemagick ≫ Imagemagick Version >= 7.0.0-0 < 7.1.2-26
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.132 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-advisories@github.com | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-754 Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
CWE-755 Improper Handling of Exceptional Conditions
The product does not handle or incorrectly handles an exceptional condition.
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wx47-rm3x-jx6p