ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in versions 6.9.13-48 and 7.1.2-23.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Imagemagick |
|
Configuration 1 [-]
|
No data.
References
History
Fri, 12 Jun 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Thu, 11 Jun 2026 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:* |
Thu, 11 Jun 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 10 Jun 2026 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Imagemagick
Imagemagick imagemagick |
|
| Vendors & Products |
Imagemagick
Imagemagick imagemagick |
Wed, 10 Jun 2026 22:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in versions 6.9.13-48 and 7.1.2-23. | |
| Title | ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression | |
| Weaknesses | CWE-131 CWE-252 CWE-787 CWE-835 |
|
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2026-06-10T21:40:44.045Z
Updated: 2026-06-11T13:13:17.814Z
Reserved: 2026-05-14T19:12:32.755Z
Link: CVE-2026-46521
Vulnrichment
Updated: 2026-06-11T13:13:06.471Z
NVD
Status : Analyzed
Published: 2026-06-10T23:16:46.833
Modified: 2026-06-11T18:42:09.680
Link: CVE-2026-46521
Redhat