ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-17 and 6.9.13-42, the NewXMLTree method contains a bug that could result in a crash due to an out of write bounds of a single zero byte. Versions 7.1.2-17 and 6.9.13-42 fix the issue.

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4539 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-4539-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                   Bastien Roucaris     April 19, 2026                                https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : imagemagick     Version        : 8:6.9.11.60+dfsg-1.3+deb11u11     CVE ID         : CVE-2026-25971 CVE-2026-25985 CVE-2026-26284 CVE-2026-26983                      CVE-2026-28494 CVE-2026-28686 CVE-2026-28687 CVE-2026-28688                      CVE-2026-28689 CVE-2026-28690 CVE-2026-28691 CVE-2026-28692                      CVE-2026-28693 CVE-2026-30883 CVE-2026-30936 CVE-2026-30937                      CVE-2026-31853 CVE-2026-32259 CVE-2026-32636 CVE-2026-33535                      CVE-2026-33536

    Multiple security vulnerabilities were discovered in imagemagick,     a software suite used for editing and manipulating digital images, which     could lead to symlink races, information leaks, denial of service     and potentially arbitrary code execution.

    For Debian 11 bullseye, these problems have been fixed in version     8:6.9.11.60+dfsg-1.3+deb11u11.

    We recommend that you upgrade your imagemagick packages.

    For the detailed security status of imagemagick please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/imagemagick

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

An update of the ImageMagick package has been released.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1202-1 advisory.

    - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion     (bsc#1258790).
    - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write (bsc#1259446).
    - CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack     buffer overflow       (bsc#1259447).
    - CVE-2026-28686: undersized output buffer allocation in the PCL encoder can lead to a heap buffer     overflow       (bsc#1259448).
    - CVE-2026-28687: heap use-after-free vulnerability in the MSL decoder via a crafted MSL file     (bsc#1259450).
    - CVE-2026-28688: heap use-after-free in the MSL encoder when a cloned image is destroyed twice     (bsc#1259451).
    - CVE-2026-28689: `domain='path'` authorization is checked before final file open/use and allows for     read/write bypass       via symlink swaps (bsc#1259452).
    - CVE-2026-28690: missing bounds check in the MNG encoder can lead to a stack buffer overflow     (bsc#1259456).
    - CVE-2026-28691: missing check in the JBIG decoder can lead to an uninitialized pointer dereference     (bsc#1259455).
    - CVE-2026-28692: 32-bit integer overflow in MAT decoder can lead to a heap buffer over-read     (bsc#1259457).
    - CVE-2026-28693: integer overflow in the DIB coder can lead to an out-of-bounds read or write     (bsc#1259466).
    - CVE-2026-30883: missing bounds check when encoding a PNG image can lead to a heap buffer over-write     (bsc#1259467).
    - CVE-2026-30929: improper use of fixed-size stack buffer in `MagnifyImage`can lead to a stack buffer     overflow       (bsc#1259468).
    - CVE-2026-30931: value truncation in the UHDR encoder can lead to a heap buffer overflow (bsc#1259469).
    - CVE-2026-30935: heap-based buffer over-read in BilateralBlurImage (bsc#1259497).
    - CVE-2026-30936: Heap Buffer Overflow in WaveletDenoiseImage (bsc#1259464).
    - CVE-2026-30937: Heap buffer overflow in XWD encoder due to CARD32 arithmetic overflow (bsc#1259463).
    - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing     extremely       large images (bsc#1259528).
    - CVE-2026-32259: memory allocation fails can lead to out of bound write (bsc#1259612).
    - CVE-2026-32636: Denial of Service via out-of-bounds write in NewXMLTree method (bsc#1259872).
    - CVE-2026-33535: Out-of-Bounds write of a zero byte in X11 display interaction (bsc#1260874).
    - CVE-2026-33536: Denial of Service via out-of-bounds write (bsc#1260879).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1203-1 advisory.

    - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write (bsc#1259446).
    - CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack     buffer overflow       (bsc#1259447).
    - CVE-2026-28686: undersized output buffer allocation in the PCL encoder can lead to a heap buffer     overflow       (bsc#1259448).
    - CVE-2026-28687: heap use-after-free vulnerability in the MSL decoder via a crafted MSL file     (bsc#1259450).
    - CVE-2026-28688: heap use-after-free in the MSL encoder when a cloned image is destroyed twice     (bsc#1259451).
    - CVE-2026-28689: `domain='path'` authorization is checked before final file open/use and allows for     read/write bypass       via symlink swaps (bsc#1259452).
    - CVE-2026-28690: missing bounds check in the MNG encoder can lead to a stack buffer overflow     (bsc#1259456).
    - CVE-2026-28691: missing check in the JBIG decoder can lead to an uninitialized pointer dereference     (bsc#1259455).
    - CVE-2026-28692: 32-bit integer overflow in MAT decoder can lead to a heap buffer over-read     (bsc#1259457).
    - CVE-2026-28693: integer overflow in the DIB coder can lead to an out-of-bounds read or write     (bsc#1259466).
    - CVE-2026-30883: missing bounds check when encoding a PNG image can lead to a heap buffer over-write     (bsc#1259467).
    - CVE-2026-30929: improper use of fixed-size stack buffer in `MagnifyImage`can lead to a stack buffer     overflow       (bsc#1259468).
    - CVE-2026-30935: heap-based buffer over-read in BilateralBlurImage (bsc#1259497).
    - CVE-2026-30936: Heap Buffer Overflow in WaveletDenoiseImage (bsc#1259464).
    - CVE-2026-30937: Heap buffer overflow in XWD encoder due to CARD32 arithmetic overflow (bsc#1259463).
    - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing     extremely       large images (bsc#1259528).
    - CVE-2026-32259: memory allocation fails can lead to out of bound write (bsc#1259612).
    - CVE-2026-32636: Denial of Service via out-of-bounds write in NewXMLTree method (bsc#1259872).
    - CVE-2026-33535: Out-of-Bounds write of a zero byte in X11 display interaction (bsc#1260874).
    - CVE-2026-33536: Denial of Service via out-of-bounds write (bsc#1260879).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3220 advisory.

    A flaw was found in ImageMagick. An integer overflow vulnerability exists in the SIXEL decoder, which     allows a remote attacker to perform an out-of-bounds write via a specially crafted image. This can lead to     a Denial of Service (DoS) and potentially information disclosure. (CVE-2026-28493)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to     7.1.2-16 and 6.9.13-41, when a memory allocation fails in the sixel encoder it would be possible to write     past the end of a buffer on the stack. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.
    (CVE-2026-32259)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to     7.1.2-17 and 6.9.13-42, the NewXMLTree method contains a bug that could result in a crash due to an out of     write bounds of a single zero byte. Versions 7.1.2-17 and 6.9.13-42 fix the issue. (CVE-2026-32636)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1511 advisory.

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to     7.1.2-17 and 6.9.13-42, the NewXMLTree method contains a bug that could result in a crash due to an out of     write bounds of a single zero byte. Versions 7.1.2-17 and 6.9.13-42 fix the issue. (CVE-2026-32636)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8127-1 advisory.

    It was discovered that ImageMagick did not properly process certain tags prior to an image being loaded.
    An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service.
    (CVE-2026-23952)

    It was discovered that ImageMagick did not properly handle temporary file creation failures. An attacker     could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service.
    (CVE-2026-25795)

    It was discovered that ImageMagick did not properly manage memory under certain conditions. An attacker     could possibly use this issue to cause ImageMagick to consume resources, resulting in a denial of service.
    (CVE-2026-25796)

    It was discovered that ImageMagick incorrectly handled certain specially crafted image files. An attacker     could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service.
    (CVE-2026-25798)

    It was discovered that ImageMagick did not properly validate certain YUV sampling factors. An attacker     could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service.
    (CVE-2026-25799)

    It was discovered that ImageMagick incorrectly handled certain specially crafted image files. An attacker     could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. This issue     only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
    (CVE-2026-25970)

    It was discovered that ImageMagick incorrectly managed memory when handling certain specially crafted     image files. An attacker could possibly use this issue to cause ImageMagick to consume resources,     resulting in a denial of service. (CVE-2026-25988)

    It was discovered that ImageMagick incorrectly handled certain crafted image profiles. An attacker could     possibly use this issue to cause ImageMagick to consume available resources, resulting in a denial of     service. (CVE-2026-26066)

    It was discovered that ImageMagick incorrectly handled large image profiles when encoding PNG images. An     attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly     execute arbitrary code. (CVE-2026-30883)

    Kamil Frankowicz discovered that ImageMagick incorrectly handled certain XML data. An attacker could     possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. (CVE-2026-32636)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to     7.1.2-17 and 6.9.13-42, the NewXMLTree method contains a bug that could result in a crash due to an out of     write bounds of a single zero byte. Versions 7.1.2-17 and 6.9.13-42 fix the issue. (CVE-2026-32636)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
307507	Debian dla-4539 : imagemagick - security update	Nessus	Debian Local Security Checks	critical
305854	Photon OS 4.0: Imagemagick PHSA-2026-4.0-0992	Nessus	PhotonOS Local Security Checks	high
305685	Photon OS 5.0: Imagemagick PHSA-2026-5.0-0806	Nessus	PhotonOS Local Security Checks	high
305286	SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2026:1202-1)	Nessus	SuSE Local Security Checks	critical
305282	SUSE SLES15 / openSUSE 15 Security Update : ImageMagick (SUSE-SU-2026:1203-1)	Nessus	SuSE Local Security Checks	high
304585	Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3220 (ALAS-2026-3220)	Nessus	Amazon Linux Local Security Checks	high
304574	Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1511)	Nessus	Amazon Linux Local Security Checks	high
304429	Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ImageMagick vulnerabilities (USN-8127-1)	Nessus	Ubuntu Local Security Checks	high
302966	Linux Distros Unpatched Vulnerability : CVE-2026-32636	Nessus	Misc.	high

Detections

Analytics

CVE-2026-32636

high

Tenable Plugins

critical

high

high

critical

high

high

high

high

high