{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-30936", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-07T16:40:05.885Z", "datePublished": "2026-03-09T21:49:36.015Z", "dateUpdated": "2026-03-10T14:48:27.131Z"}, "containers": {"cna": {"title": "ImageMagick has a heap Buffer Overflow in WaveletDenoiseImage", "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "lang": "en", "description": "CWE-122: Heap-based Buffer Overflow", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5ggv-92r5-cp4p", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5ggv-92r5-cp4p"}], "affected": [{"vendor": "ImageMagick", "product": "ImageMagick", "versions": [{"version": ">= 7.0.0, < 7.1.2-16", "status": "affected"}, {"version": "< 6.9.13-41", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-09T21:49:36.015Z"}, "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41."}], "source": {"advisory": "GHSA-5ggv-92r5-cp4p", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-10T14:48:08.605845Z", "id": "CVE-2026-30936", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-10T14:48:27.131Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-30936", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-10T14:48:08.605845Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-10T14:48:18.670Z"}}], "cna": {"title": "ImageMagick has a heap Buffer Overflow in WaveletDenoiseImage", "source": {"advisory": "GHSA-5ggv-92r5-cp4p", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "ImageMagick", "product": "ImageMagick", "versions": [{"status": "affected", "version": ">= 7.0.0, < 7.1.2-16"}, {"status": "affected", "version": "< 6.9.13-41"}]}], "references": [{"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5ggv-92r5-cp4p", "name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5ggv-92r5-cp4p", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-09T21:49:36.015Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30936", "state": "PUBLISHED", "dateUpdated": "2026-03-10T14:48:27.131Z", "dateReserved": "2026-03-07T16:40:05.885Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-09T21:49:36.015Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFFB7C48-4211-4215-9C0B-D285B8E09CF1", "versionEndExcluding": "6.9.13-41", "vulnerable": true}, {"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "matchCriteriaId": "865783BD-5A33-4D05-AF99-E6EFE76414D1", "versionEndExcluding": "7.1.2-16", "versionStartIncluding": "7.0.0-0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41."}, {"lang": "es", "value": "ImageMagick es un software libre y de c\u00f3digo abierto utilizado para editar y manipular im\u00e1genes digitales. Antes de las versiones 7.1.2-16 y 6.9.13-41, una imagen manipulada podr\u00eda causar una escritura fuera de l\u00edmites en el heap dentro del m\u00e9todo WaveletDenoiseImage. Al procesar una imagen manipulada con la operaci\u00f3n -wavelet-denoise, puede ocurrir una escritura fuera de l\u00edmites. Esta vulnerabilidad est\u00e1 corregida en 7.1.2-16 y 6.9.13-41."}], "id": "CVE-2026-30936", "lastModified": "2026-03-11T17:48:46.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-10T07:44:57.663", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5ggv-92r5-cp4p"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "ImageMagick: ImageMagick: Denial of Service via crafted image processing", "id": "2445880", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445880"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-787", "details": ["A flaw was found in ImageMagick, a free and open-source software for editing and manipulating digital images. A remote attacker could exploit this vulnerability by providing a specially crafted image to a user, which, when processed with the -wavelet-denoise operation, could lead to an out-of-bounds heap write. This issue can result in a denial of service (DoS), causing the application to become unstable or crash."], "mitigation": {"lang": "en:us", "value": "To reduce the risk of exploitation, avoid processing untrusted or unverified image files with ImageMagick. Users should exercise caution when handling images from unknown sources. Additionally, consider restricting ImageMagick's capabilities through its policy file to limit exposure to potentially vulnerable operations or file formats."}, "name": "CVE-2026-30936", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2026-03-09T21:49:36Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-30936\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-30936\nhttps://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5ggv-92r5-cp4p"], "statement": "This is a MODERATE impact vulnerability. ImageMagick in Red Hat Enterprise Linux 6 ELS and 7 ELS is affected by a heap buffer overflow. This flaw occurs when processing a specially crafted image using the -wavelet-denoise operation, which could lead to an out-of-bounds write. Exploitation requires user interaction to process the malicious image.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[7.0.0,7.1.2-16)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,6.9.13-41)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "ImageMagick", "source": "cna", "vendor": "ImageMagick"}, "product": "imagemagick", "vendor": "imagemagick"}], "analysis": {"en": {"generated_at": "2026-04-16T10:05:19.308612+00:00", "value": {"mitigation_remediation": ["Upgrade ImageMagick to version 7.1.2\u201116 or higher or 6.9.13\u201141 or higher, which contains the fix for the WaveletDenoiseImage heap overflow.", "Restrict the use of the \"-wavelet-denoise\" operation to trusted images only; if possible, disable the operation or move image processing to a sandboxed environment to prevent untrusted images from triggering the overflow.", "Monitor image\u2011processing applications for abnormal crashes or memory errors, and apply additional runtime protections such as AddressSanitizer or SELinux hardening if available."], "summary": {"action": "Apply Patch", "impact": "Heap Buffer Overflow leading to out-of-bounds write"}, "threat_synthesis": {"affected_systems": "ImageMagick versions prior to 7.1.2\u201116 and 6.9.13\u201141. The software is widely deployed for image processing on servers, desktops, and embedded systems.", "description_and_impact": "A heap buffer overflow exists in the WaveletDenoiseImage function of ImageMagick that allows a crafted image to trigger an out\u2011of\u2011bounds write. If an application uses the -wavelet-denoise operation on a malicious image, memory corruption can occur, potentially resulting in application crash or, in the worst case, arbitrary code execution. The flaw exists in all releases before 7.1.2\u201116 and 6.9.13\u201141.", "risk_and_exploitability": "The assessed CVSS score of 5.5 indicates moderate severity, suggesting that while exploitation may not be trivial, the presence of a heap overflow can be damaging. The EPSS score of less than 1\u202f% indicates a low likelihood of exploitation at the time of analysis. The vulnerability is not listed in the CISA KEV catalog. Attackers likely require that a compromised or untrusted image be processed by an ImageMagick\u2011based application, implying a local or remote file\u2011based vector depending on how the image is supplied. No public exploit code is available according to the provided references."}}}}, "created": "2026-03-10T14:06:42.717410+00:00", "updated": "2026-04-16T10:15:26.106859+00:00", "vendors": ["imagemagick", "imagemagick$PRODUCT$imagemagick"]}