QSearchQSearch

CVE-2026-48733

4.7 MEDIUM

ImageMagick is free and open-source software used for editing and manipulating digital images

Published: 2026-06-10 · Last updated: 2026-06-10

Severity and scoring

CVSS
4.7 MEDIUM
Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE
CWE-835

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen when using a crafted image. This issue has been patched in versions 6.9.13-49 and 7.1.2-24.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-46521 ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)
  • CVE-2026-46522 ImageMagick is free and open-source software used for editing and manipulating digital images (7.5 HIGH)
  • CVE-2026-49495 Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie() that lacks cycle detection ... (5.5 MEDIUM)
  • CVE-2025-71330 image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event l... (7.5 HIGH)
  • CVE-2025-71329 image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event l... (7.5 HIGH)