5.5
CVE-2026-30936 - ImageMagick has a heap Buffer Overflow in WaveletDenoiseImage
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operationβ¦
4.4
CVE-2026-30935 - ImageMagick has a heap Buffer Over-Read in BilateralBlurImage
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, BilateralBlurImage contains a heap buffer over-read caused by an incorrect conversion. When processing a crafted image with the -bilateral-blur operation an out of bounds read β¦
6.8
CVE-2026-30931 - ImageMagick has a heap-based buffer overflow in UHDR encoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, a heap-based buffer overflow in the UHDR encoder can happen due to truncation of a value and it would allow an out of bounds write. This vulnerability is fixed in 7.1.2-16.
7.7
CVE-2026-30929 - ImageMagick has a stack buffer overflow in MagnifyImage
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MagnifyImage uses a fixed-size stack buffer. When using a specific image it is possible to overflow this buffer and corrupt the stack. This vulnerability is fixedβ¦
5.7
CVE-2026-30883 - ImageMagick has a Heap Overflow when writing extremely large image profile in the PNG encoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap overflow when encoding a PNG image. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.
8.1
CVE-2026-28693 - ImageMagick has an integer overflow in DIB coder can result in out of bounds read or write
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB coder can result in out of bounds read or write. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.
4.8
CVE-2026-28692 - ImageMagick has a heap buffer over-read via 32-bit integer overflow in MAT decoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.
7.5
CVE-2026-28691 - ImageMagick has an uninitialized pointer dereference in JBIG decoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.
6.9
CVE-2026-28690 - ImageMagick has a stack write buffer overflow in MNG encoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data. Tβ¦
6.3
CVE-2026-28689 - ImageMagick has a Path Policy TOCTOU symlink race bypass
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, domain="path" authorization is checked before final file open/use. A symlink swap between check-time and use-time bypasses policy-denied read/write. This vulnerabβ¦