wid-sec-w-2026-0714 · Published 2026-03-12 · View on BSI CERT-Bund ↗

ImageMagick: Vulnerability allows nicht spezifizierten Angriff

CVSS 6.7 MEDIUM

Risk Summary

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, when a memory allocation fails in the sixel encoder it would be possible to write past the end of a buffer on the stack. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

CVEs (1)

CVE-2026-32259

Affected Vendors

Amazon Debian Open Source SUSE

Affected Products (4)

Open Source · ImageMagick <7.1.2-16

Open Source · ImageMagick 7.1.2-16

Open Source · ImageMagick <6.9.13-41

Open Source · ImageMagick 6.9.13-41

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more