{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33536", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-20T18:05:11.831Z", "datePublished": "2026-03-26T19:57:53.619Z", "dateUpdated": "2026-03-27T13:57:36.689Z"}, "containers": {"cna": {"title": "ImageMagick has an Out-of-bounds Write via InterpretImageFilename", "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "lang": "en", "description": "CWE-787: Out-of-bounds Write", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-121", "lang": "en", "description": "CWE-121: Stack-based Buffer Overflow", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf"}], "affected": [{"vendor": "ImageMagick", "product": "ImageMagick", "versions": [{"version": "< 7.1.2-18", "status": "affected"}, {"version": "< 6.9.13-43", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T19:57:53.619Z"}, "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds write. Versions 7.1.2-18 and 6.9.13-43 patch the issue."}], "source": {"advisory": "GHSA-8793-7xv6-82cf", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T13:44:35.275070Z", "id": "CVE-2026-33536", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T13:57:36.689Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "ImageMagick has an Out-of-bounds Write via InterpretImageFilename", "source": {"advisory": "GHSA-8793-7xv6-82cf", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "ImageMagick", "product": "ImageMagick", "versions": [{"status": "affected", "version": "< 7.1.2-18"}, {"status": "affected", "version": "< 6.9.13-43"}]}], "references": [{"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf", "name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds write. Versions 7.1.2-18 and 6.9.13-43 patch the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121: Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T19:57:53.619Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33536", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-27T13:44:35.275070Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-27T13:44:38.144Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-33536", "state": "PUBLISHED", "dateUpdated": "2026-03-26T19:57:53.619Z", "dateReserved": "2026-03-20T18:05:11.831Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-26T19:57:53.619Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE210D23-0EC1-400A-A545-0CABCB44EF78", "versionEndExcluding": "6.9.13-43", "vulnerable": true}, {"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "matchCriteriaId": "A761D9D6-07EA-4D5D-94AA-7ED80672FE0E", "versionEndExcluding": "7.1.2-18", "versionStartIncluding": "7.0.0-0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds write. Versions 7.1.2-18 and 6.9.13-43 patch the issue."}, {"lang": "es", "value": "ImageMagick es un software libre y de c\u00f3digo abierto utilizado para editar y manipular im\u00e1genes digitales. Antes de 7.1.2-18 y 6.9.13-43, debido a un valor de retorno incorrecto en ciertas plataformas, un puntero se incrementa m\u00e1s all\u00e1 del final de un b\u00fafer que est\u00e1 en la pila y eso podr\u00eda resultar en una escritura fuera de l\u00edmites. Las versiones 7.1.2-18 y 6.9.13-43 parchean el problema."}], "id": "CVE-2026-33536", "lastModified": "2026-04-02T17:47:47.153", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-26T20:16:15.877", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}, {"lang": "en", "value": "CWE-787"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "ImageMagick: ImageMagick: Denial of Service via out-of-bounds write", "id": "2451849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451849"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-823", "details": ["A flaw was found in ImageMagick, an open-source software for image manipulation. This vulnerability, caused by an incorrect return value, allows a local attacker to write data outside of its intended memory area, known as an out-of-bounds write. The primary consequence of this flaw is a denial of service (DoS), which can make the application or system unavailable."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-33536", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2026-03-26T19:57:53Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-33536\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-33536\nhttps://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf"], "statement": "Moderate: This flaw in ImageMagick, an image manipulation software, allows a local attacker to cause a denial of service due to an out-of-bounds write. This vulnerability affects Red Hat Enterprise Linux 6 ELS and 7 ELS, as well as community projects like Fedora and EPEL, where ImageMagick is installed and used for image processing.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,7.1.2-18)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,6.9.13-43)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "ImageMagick", "source": "cna", "vendor": "ImageMagick"}, "product": "imagemagick", "vendor": "imagemagick"}], "analysis": {"en": {"generated_at": "2026-04-02T23:27:11.616890+00:00", "value": {"mitigation_remediation": ["Upgrade ImageMagick to at least 7.1.2\u201118 or 6.9.13\u201143 to apply the vendor patch."], "summary": {"action": "Immediate Patch", "impact": "Out\u2011of\u2011Bounds Write on Stack Buffer"}, "threat_synthesis": {"affected_systems": "Versions of ImageMagick released before 7.1.2\u201118 and before 6.9.13\u201143 are affected. Any installation that was built from source during that period or still ships with those legacy artifacts is at risk. The vulnerability is not tied to a specific operating system but is platform\u2011dependent in its manifestation.", "description_and_impact": "ImageMagick code that interprets image filenames on certain platforms fails to handle a return value correctly, causing a pointer to advance past the end of a stack buffer. This produces an out\u2011of\u2011bounds write that can corrupt adjacent memory. The result may be a program crash or, if control data is overwritten, could lead to arbitrary code execution. The weakness maps to stack buffer overflow (CWE\u2011121, CWE\u2011787, CWE\u2011823).", "risk_and_exploitability": "The CVSS score of 5.1 reflects moderate severity. The EPSS score of less than 1% suggests that real\u2011world exploitation is unlikely at present, and the flaw is not listed in the CISA Known Exploited Vulnerabilities catalog. Attackers would need to supply a specially crafted image file that triggers the faulty return path, typically through an application that accepts untrusted media. Until the vendor\u2019s patch is applied, the potential for denial of service or arbitrary code execution remains. No confirmed public exploits are reported."}}}}, "created": "2026-03-27T08:32:20.943046+00:00", "updated": "2026-04-03T09:38:49.191068+00:00", "vendors": ["imagemagick", "imagemagick$PRODUCT$imagemagick"]}