ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 `display` interaction path that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the issue.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1550 advisory.

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to     7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 `display` interaction path     that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the issue. (CVE-2026-33535)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to     7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented     past the end of a buffer that is on the stack and that could result in an out of bounds write. Versions     7.1.2-18 and 6.9.13-43 patch the issue. (CVE-2026-33536)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

An update of the ImageMagick package has been released.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1201-1 advisory.

    - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion     (bsc#1258790).
    - CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack     buffer overflow       (bsc#1259447).
    - CVE-2026-28686: undersized output buffer allocation in the PCL encoder can lead to a heap buffer     overflow       (bsc#1259448).
    - CVE-2026-28687: heap use-after-free vulnerability in the MSL decoder via a crafted MSL file     (bsc#1259450).
    - CVE-2026-28688: heap use-after-free in the MSL encoder when a cloned image is destroyed twice     (bsc#1259451).
    - CVE-2026-28689: `domain='path'` authorization is checked before final file open/use and allows for     read/write bypass       via symlink swaps (bsc#1259452).
    - CVE-2026-28690: missing bounds check in the MNG encoder can lead to a stack buffer overflow     (bsc#1259456).
    - CVE-2026-28691: missing check in the JBIG decoder can lead to an uninitialized pointer dereference     (bsc#1259455).
    - CVE-2026-28692: 32-bit integer overflow in MAT decoder can lead to a heap buffer over-read     (bsc#1259457).
    - CVE-2026-28693: integer overflow in the DIB coder can lead to an out-of-bounds read or write     (bsc#1259466).
    - CVE-2026-30883: missing bounds check when encoding a PNG image can lead to a heap buffer over-write     (bsc#1259467).
    - CVE-2026-30937: Heap buffer overflow in XWD encoder due to CARD32 arithmetic overflow (bsc#1259463).
    - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing     extremely       large images (bsc#1259528).
    - CVE-2026-33535: Out-of-Bounds write of a zero byte in X11 display interaction (bsc#1260874).
    - CVE-2026-33536: Denial of Service via out-of-bounds write (bsc#1260879).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1202-1 advisory.

    - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion     (bsc#1258790).
    - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write (bsc#1259446).
    - CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack     buffer overflow       (bsc#1259447).
    - CVE-2026-28686: undersized output buffer allocation in the PCL encoder can lead to a heap buffer     overflow       (bsc#1259448).
    - CVE-2026-28687: heap use-after-free vulnerability in the MSL decoder via a crafted MSL file     (bsc#1259450).
    - CVE-2026-28688: heap use-after-free in the MSL encoder when a cloned image is destroyed twice     (bsc#1259451).
    - CVE-2026-28689: `domain='path'` authorization is checked before final file open/use and allows for     read/write bypass       via symlink swaps (bsc#1259452).
    - CVE-2026-28690: missing bounds check in the MNG encoder can lead to a stack buffer overflow     (bsc#1259456).
    - CVE-2026-28691: missing check in the JBIG decoder can lead to an uninitialized pointer dereference     (bsc#1259455).
    - CVE-2026-28692: 32-bit integer overflow in MAT decoder can lead to a heap buffer over-read     (bsc#1259457).
    - CVE-2026-28693: integer overflow in the DIB coder can lead to an out-of-bounds read or write     (bsc#1259466).
    - CVE-2026-30883: missing bounds check when encoding a PNG image can lead to a heap buffer over-write     (bsc#1259467).
    - CVE-2026-30929: improper use of fixed-size stack buffer in `MagnifyImage`can lead to a stack buffer     overflow       (bsc#1259468).
    - CVE-2026-30931: value truncation in the UHDR encoder can lead to a heap buffer overflow (bsc#1259469).
    - CVE-2026-30935: heap-based buffer over-read in BilateralBlurImage (bsc#1259497).
    - CVE-2026-30936: Heap Buffer Overflow in WaveletDenoiseImage (bsc#1259464).
    - CVE-2026-30937: Heap buffer overflow in XWD encoder due to CARD32 arithmetic overflow (bsc#1259463).
    - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing     extremely       large images (bsc#1259528).
    - CVE-2026-32259: memory allocation fails can lead to out of bound write (bsc#1259612).
    - CVE-2026-32636: Denial of Service via out-of-bounds write in NewXMLTree method (bsc#1259872).
    - CVE-2026-33535: Out-of-Bounds write of a zero byte in X11 display interaction (bsc#1260874).
    - CVE-2026-33536: Denial of Service via out-of-bounds write (bsc#1260879).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1203-1 advisory.

    - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write (bsc#1259446).
    - CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack     buffer overflow       (bsc#1259447).
    - CVE-2026-28686: undersized output buffer allocation in the PCL encoder can lead to a heap buffer     overflow       (bsc#1259448).
    - CVE-2026-28687: heap use-after-free vulnerability in the MSL decoder via a crafted MSL file     (bsc#1259450).
    - CVE-2026-28688: heap use-after-free in the MSL encoder when a cloned image is destroyed twice     (bsc#1259451).
    - CVE-2026-28689: `domain='path'` authorization is checked before final file open/use and allows for     read/write bypass       via symlink swaps (bsc#1259452).
    - CVE-2026-28690: missing bounds check in the MNG encoder can lead to a stack buffer overflow     (bsc#1259456).
    - CVE-2026-28691: missing check in the JBIG decoder can lead to an uninitialized pointer dereference     (bsc#1259455).
    - CVE-2026-28692: 32-bit integer overflow in MAT decoder can lead to a heap buffer over-read     (bsc#1259457).
    - CVE-2026-28693: integer overflow in the DIB coder can lead to an out-of-bounds read or write     (bsc#1259466).
    - CVE-2026-30883: missing bounds check when encoding a PNG image can lead to a heap buffer over-write     (bsc#1259467).
    - CVE-2026-30929: improper use of fixed-size stack buffer in `MagnifyImage`can lead to a stack buffer     overflow       (bsc#1259468).
    - CVE-2026-30935: heap-based buffer over-read in BilateralBlurImage (bsc#1259497).
    - CVE-2026-30936: Heap Buffer Overflow in WaveletDenoiseImage (bsc#1259464).
    - CVE-2026-30937: Heap buffer overflow in XWD encoder due to CARD32 arithmetic overflow (bsc#1259463).
    - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing     extremely       large images (bsc#1259528).
    - CVE-2026-32259: memory allocation fails can lead to out of bound write (bsc#1259612).
    - CVE-2026-32636: Denial of Service via out-of-bounds write in NewXMLTree method (bsc#1259872).
    - CVE-2026-33535: Out-of-Bounds write of a zero byte in X11 display interaction (bsc#1260874).
    - CVE-2026-33536: Denial of Service via out-of-bounds write (bsc#1260879).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote host has a version of ImageMagick installed that is prior to 6.9.13-43 and 7.x prior to 7.1.2-18. It is, therefore, affected by multiple vulnerabilities:

  - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18     and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 display interaction path that could lead     to a crash. (CVE-2026-33535)

  - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18     and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a     buffer that is on the stack and that could result in an out-of-bounds write. (CVE-2026-33536)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to     7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 `display` interaction path     that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the issue. (CVE-2026-33535)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
306201	Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1550)	Nessus	Amazon Linux Local Security Checks	medium
305685	Photon OS 5.0: Imagemagick PHSA-2026-5.0-0806	Nessus	PhotonOS Local Security Checks	high
305289	SUSE SLES12 Security Update : ImageMagick (SUSE-SU-2026:1201-1)	Nessus	SuSE Local Security Checks	high
305286	SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2026:1202-1)	Nessus	SuSE Local Security Checks	critical
305282	SUSE SLES15 / openSUSE 15 Security Update : ImageMagick (SUSE-SU-2026:1203-1)	Nessus	SuSE Local Security Checks	high
304667	ImageMagick < 6.9.13-43 / 7.x < 7.1.2-18 Multiple Vulnerabilities	Nessus	Misc.	medium
303990	Linux Distros Unpatched Vulnerability : CVE-2026-33535	Nessus	Misc.	medium

Detections

Analytics

CVE-2026-33535

medium

Tenable Plugins

medium

high

high

critical

high

medium

medium