Tag

Imagemagick

4 briefs RSS

ImageMagick XML Bomb Denial-of-Service Vulnerability (CVE-2026-33908)

ImageMagick versions prior to 7.1.2-19 and 6.9.13-44 are susceptible to a denial-of-service (DoS) attack due to unbounded recursion during XML parsing, potentially leading to stack exhaustion.

dos imagemagick xml cve-2026-33908

2r 1t 1c 3w ago

high advisory

ImageMagick Heap Buffer Overflow Vulnerability (CVE-2026-33901)

2 rules 1 TTP 1 CVE

ImageMagick versions before 7.1.2-19 and 6.9.13-44 are vulnerable to a heap buffer overflow in the MVG decoder, potentially leading to an out-of-bounds write when processing a crafted image, which can result in denial of service or arbitrary code execution.

imagemagick heap-buffer-overflow cve-2026-33901

2r 1t 1c 3w ago

critical advisory

ImageMagick Multiple Vulnerabilities Leading to DoS, Code Execution, or Data Manipulation

2 rules 1 TTP

Multiple vulnerabilities in ImageMagick could allow an attacker to perform a denial of service attack, execute arbitrary code, or manipulate data.

imagemagick vulnerability dos code_execution data_manipulation

2r 1t Mar 31, 2026

critical advisory

Android-ImageMagick7 Out-of-Bounds Write Vulnerability (CVE-2026-33854)

2 rules 1 TTP 1 IOC

An unauthenticated, remote attacker can exploit an out-of-bounds write vulnerability (CVE-2026-33854) in MolotovCherry Android-ImageMagick7 versions before 7.1.2-10 by enticing a user to open a malicious image, potentially leading to arbitrary code execution.

cve out-of-bounds write android imagemagick

2r 1t 1i Mar 24, 2026