ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset is set through the `sample:offset` define that could lead to an out of bounds read. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19.

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6245 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6245-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     May 03, 2026                          https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : imagemagick     CVE ID         : CVE-2026-25971 CVE-2026-33899 CVE-2026-33900 CVE-2026-33901                      CVE-2026-33905 CVE-2026-33908 CVE-2026-34238 CVE-2026-40310                      CVE-2026-40311

    Multiple security vulnerabilities were discovered in imagemagick, a     software suite used for editing and manipulating digital images, which     could lead to denial of service, information disclosure or potentially     arbitrary code execution if malformed images are processed.

    For the oldstable distribution (bookworm), these problems have been fixed     in version 8:6.9.11.60+dfsg-1.6+deb12u9.

    We recommend that you upgrade your imagemagick packages.

    For the detailed security status of imagemagick please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/imagemagick

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4559 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-4559-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                   Bastien Roucaris     May 01, 2026                                  https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : imagemagick     Version        : 8:6.9.11.60+dfsg-1.3+deb11u12     CVE ID         : CVE-2026-33899 CVE-2026-33900 CVE-2026-33901 CVE-2026-33905                      CVE-2026-33908 CVE-2026-34238 CVE-2026-40310 CVE-2026-40311     Debian Bug     : 1134627

    Multiple security vulnerabilities were discovered in imagemagick, a     software suite used for editing and manipulating digital images, which     could lead to denial of service, information disclosure or potentially     arbitrary code execution if malformed images are processed.

    For Debian 11 bullseye, these problems have been fixed in version     8:6.9.11.60+dfsg-1.3+deb11u12.

    We recommend that you upgrade your imagemagick packages.

    For the detailed security status of imagemagick please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/imagemagick

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6240 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6240-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     May 01, 2026                          https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : imagemagick     CVE ID         : CVE-2026-32636 CVE-2026-33535 CVE-2026-33536 CVE-2026-33899                      CVE-2026-33900 CVE-2026-33901 CVE-2026-33902 CVE-2026-33905                      CVE-2026-33908 CVE-2026-34238 CVE-2026-40169 CVE-2026-40183                      CVE-2026-40310 CVE-2026-40311 CVE-2026-40312

    Multiple security vulnerabilities were discovered in imagemagick, a     software suite used for editing and manipulating digital images, which     could lead to denial of service, information disclosure or potentially     arbitrary code execution if malformed images are processed.

    For the stable distribution (trixie), these problems have been fixed in     version 8:7.1.1.43+dfsg1-1+deb13u8.

    We recommend that you upgrade your imagemagick packages.

    For the detailed security status of imagemagick please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/imagemagick

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1611 advisory.

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below 7.1.2-189 and 6.9.13-44, when `Magick` parses an XML file it is possible that a single zero byte is     written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33899)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset     is set through the `sample:offset` define that could lead to an out of bounds read. This issue has been     fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33905)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the `DestroyXMLTree()`     function; however, this process is executed recursively with no depth limit imposed. When Magick processes     an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of     Service (DoS) attack. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33908)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json     output, resulting in a crash. This issue has been fixed in version 7.1.2-19. (CVE-2026-40169)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions     below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user     specifies an invalid sampling index. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19.
    (CVE-2026-40310)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions     below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when     reading and printing values from an invalid XMP profile. This issue has been fixed in versions 6.9.13-44     and 7.1.2-19. (CVE-2026-40311)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3278 advisory.

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to     7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 `display` interaction path     that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the issue. (CVE-2026-33535)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to     7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented     past the end of a buffer that is on the stack and that could result in an out of bounds write. Versions     7.1.2-18 and 6.9.13-43 patch the issue. (CVE-2026-33536)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below 7.1.2-189 and 6.9.13-44, when `Magick` parses an XML file it is possible that a single zero byte is     written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33899)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset     is set through the `sample:offset` define that could lead to an out of bounds read. This issue has been     fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33905)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the `DestroyXMLTree()`     function; however, this process is executed recursively with no depth limit imposed. When Magick processes     an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of     Service (DoS) attack. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33908)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json     output, resulting in a crash. This issue has been fixed in version 7.1.2-19. (CVE-2026-40169)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions     below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user     specifies an invalid sampling index. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19.
    (CVE-2026-40310)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions     below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when     reading and printing values from an invalid XMP profile. This issue has been fixed in versions 6.9.13-44     and 7.1.2-19. (CVE-2026-40311)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is     read. This issue has been fixed in version 7.1.2-19. (CVE-2026-40312)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

An update of the ImageMagick package has been released.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1597-1 advisory.

    - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing (bsc#1262154).
    - CVE-2026-33900: Denial of Service via integer truncation in viff encoder (bsc#1262156).
    - CVE-2026-33901: Denial of Service due to heap buffer overflow in MVG decoder (bsc#1262155).
    - CVE-2026-33905: Denial of service via out-of-bounds read in -sample operation (bsc#1262097).
    - CVE-2026-33908: Denial of Service via deeply nested XML file processing (bsc#1262152).
    - CVE-2026-34238: Denial of Service via integer overflow in despeckle operation (bsc#1262147).
    - CVE-2026-40169: Denial of Service via crafted image leading to out-of-bounds write (bsc#1262150).
    - CVE-2026-40183: Denial of Service via heap write overflow in JXL encoder (bsc#1262145).
    - CVE-2026-40310: Denial of service via heap out-of-bounds write in JP2 encoder (bsc#1262148).
    - CVE-2026-40311: Denial of Service via heap use-after-free in XMP profile processing (bsc#1262146).
    - CVE-2026-40312: Denial of Service via malicious MSL file processing (bsc#1262149).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1596-1 advisory.

    - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing (bsc#1262154).
    - CVE-2026-33900: Denial of Service via integer truncation in viff encoder (bsc#1262156).
    - CVE-2026-33905: Denial of service via out-of-bounds read in -sample operation (bsc#1262097).
    - CVE-2026-33908: Denial of Service via deeply nested XML file processing (bsc#1262152).
    - CVE-2026-34238: Denial of Service via integer overflow in despeckle operation (bsc#1262147).
    - CVE-2026-40311: Denial of Service via heap use-after-free in XMP profile processing (bsc#1262146).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1598-1 advisory.

    - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing (bsc#1262154).
    - CVE-2026-33900: Denial of Service via integer truncation in viff encoder (bsc#1262156).
    - CVE-2026-33901: Denial of Service due to heap buffer overflow in MVG decoder (bsc#1262155).
    - CVE-2026-33902: Denial of Service via deeply nested expression in FX parser (bsc#1262153).
    - CVE-2026-33905: Denial of service via out-of-bounds read in -sample operation (bsc#1262097).
    - CVE-2026-33908: Denial of Service via deeply nested XML file processing (bsc#1262152).
    - CVE-2026-34238: Denial of Service via integer overflow in despeckle operation (bsc#1262147).
    - CVE-2026-40169: Denial of Service via crafted image leading to out-of-bounds write (bsc#1262150).
    - CVE-2026-40183: Denial of Service via heap write overflow in JXL encoder (bsc#1262145).
    - CVE-2026-40310: Denial of service via heap out-of-bounds write in JP2 encoder (bsc#1262148).
    - CVE-2026-40311: Denial of Service via heap use-after-free in XMP profile processing (bsc#1262146).
    - CVE-2026-40312: Denial of Service via malicious MSL file processing (bsc#1262149).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20606-1 advisory.

    - CVE-2026-32259: stack out-of-bounds write due to a memory allocation failure in the sixel encoder can     lead to a crash       (bsc#1259612).
    - CVE-2026-32636: out-of-bounds write of a single zero byte due to bug the `NewXMLTree` method can lead to     denial of       service (bsc#1259872).
    - CVE-2026-33535: out-of-bounds write of a zero byte in X11 `display` interaction path can lead to a crash       (bsc#1260874).
    - CVE-2026-33536: stack out-of-bounds write due to incorrect return value on certain platforms can lead to     a denial of       service (bsc#1260879).
    - CVE-2026-33899: out-of-bounds write of single zero byte in XML parsing can lead to a denial of service     (bsc#1262154).
    - CVE-2026-33900: heap out-of-bounds write due to integer truncation in viff encoder can lead to a crash     (bsc#1262156).
    - CVE-2026-33901: heap buffer overflow in the MVG decoder can lead to memory corruption or a crash     (bsc#1262155).
    - CVE-2026-33902: stack buffer overflow in the FX expression parser can lead to a process crash     (bsc#1262153).
    - CVE-2026-33905: out-of-bounds read in `-sample` operation can lead to a denial of service (bsc#1262097).
    - CVE-2026-33908: recursive execution with no depth limit imposed when processing XML files can lead to     resource       exhaustion and a denial of service (bsc#1262152).
    - CVE-2026-34238: heap buffer overflow due to integer overflow in the despeckle operation can lead to a     denial of       service (bsc#1262147).
    - CVE-2026-40169: out-of-bounds heap write when processing a crafted image and writing a YAML or JSON     output can lead       to a crash (bsc#1262150).
    - CVE-2026-40183: heap out-of-bounds write in the JXL encoder can lead to a denial of service     (bsc#1262145).
    - CVE-2026-40310: heap out-of-bounds write in the JP2 encoder can lead to a denial of service     (bsc#1262148).
    - CVE-2026-40311: heap use-after-free when reading and printing values from an invalid XMP profile can     lead to a denial       of service (bsc#1262146).
    - CVE-2026-40312: off-by-one error in the MSL decoder can lead to a crash (bsc#1262149).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1497-1 advisory.

    - CVE-2026-24484: denial of service via multi-layer nested MVG to SVG conversion (bsc#1258790).
    - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write (bsc#1259446).
    - CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack     buffer overflow       (bsc#1259447).
    - CVE-2026-28686: undersized output buffer allocation in the PCL encoder can lead to a heap buffer     overflow       (bsc#1259448).
    - CVE-2026-28687: heap use-after-free vulnerability in the MSL decoder via a crafted MSL file     (bsc#1259450).
    - CVE-2026-28688: heap use-after-free in the MSL encoder when a cloned image is destroyed twice     (bsc#1259451).
    - CVE-2026-28689: `domain='path'` authorization is checked before final file open/use and allows for     read/write bypass       via symlink swaps (bsc#1259452).
    - CVE-2026-28690: missing bounds check in the MNG encoder can lead to a stack buffer overflow     (bsc#1259456).
    - CVE-2026-28691: missing check in the JBIG decoder can lead to an uninitialized pointer dereference     (bsc#1259455).
    - CVE-2026-28692: 32-bit integer overflow in MAT decoder can lead to a heap buffer over-read     (bsc#1259457).
    - CVE-2026-28693: integer overflow in the DIB coder can lead to an out-of-bounds read or write     (bsc#1259466).
    - CVE-2026-30883: missing bounds check when encoding a PNG image can lead to a heap buffer over-write     (bsc#1259467).
    - CVE-2026-30929: improper use of fixed-size stack buffer in `MagnifyImage`can lead to a stack buffer     overflow       (bsc#1259468).
    - CVE-2026-30936: heap buffer overflow in `WaveletDenoiseImage` (bsc#1259464).
    - CVE-2026-30937: heap buffer overflow in XWD encoder due to CARD32 arithmetic overflow (bsc#1259463).
    - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing     extremely       large images (bsc#1259528).
    - CVE-2026-32259: memory allocation failure in the SIXEL encoder can lead to a stack out-of-bound write     (bsc#1259612).
    - CVE-2026-32636: denial of service via out-of-bounds write in `NewXMLTree` method (bsc#1259872).
    - CVE-2026-33535: out-of-Bounds write of a zero byte in X11 display interaction (bsc#1260874).
    - CVE-2026-33536: denial of Service via a stack out-of-bounds write in `InterpretImageFilename`     (bsc#1260879).
    - CVE-2026-33905: denial of service via out-of-bounds read in `-sample` operation (bsc#1262097).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote host has a version of ImageMagick installed that is prior to 6.9.13-44 and 7.x prior to 7.1.2-19. It is, therefore, affected by multiple vulnerabilities:

  - A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing     a crafted image. (CVE-2026-33901)

  - Magick frees the memory of the XML tree via the `DestroyXMLTree()` function; however, this process is executed     recursively with no depth limit imposed. When Magick processes an XML file with deeply nested structures,     it will exhaust the stack memory, resulting in a Denial of Service (DoS) attack. (CVE-2026-33908)

  - A heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index.
    (CVE-2026-40310)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset     is set through the `sample:offset` define that could lead to an out of bounds read. This issue has been     fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33905)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
311814	Debian dsa-6245 : imagemagick - security update	Nessus	Debian Local Security Checks	critical
311545	Debian dla-4559 : imagemagick - security update	Nessus	Debian Local Security Checks	high
311488	Debian dsa-6240 : imagemagick - security update	Nessus	Debian Local Security Checks	high
311318	Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1611)	Nessus	Amazon Linux Local Security Checks	high
311220	Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3278 (ALAS-2026-3278)	Nessus	Amazon Linux Local Security Checks	high
311150	Photon OS 5.0: Imagemagick PHSA-2026-5.0-0830	Nessus	PhotonOS Local Security Checks	high
310894	Photon OS 4.0: Imagemagick PHSA-2026-4.0-1002	Nessus	PhotonOS Local Security Checks	high
310242	SUSE SLES15 Security Update : ImageMagick (SUSE-SU-2026:1597-1)	Nessus	SuSE Local Security Checks	high
310237	SUSE SLES12 Security Update : ImageMagick (SUSE-SU-2026:1596-1)	Nessus	SuSE Local Security Checks	high
310224	SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2026:1598-1)	Nessus	SuSE Local Security Checks	high
310088	openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2026:20606-1)	Nessus	SuSE Local Security Checks	high
309120	SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2026:1497-1)	Nessus	SuSE Local Security Checks	high
306547	ImageMagick < 6.9.13-44 / 7.x < 7.1.2-19 Multiple Vulnerabilities	Nessus	Misc.	high
306414	Linux Distros Unpatched Vulnerability : CVE-2026-33905	Nessus	Misc.	high

Detections

Analytics

CVE-2026-33905

high

Tenable Plugins

critical

high

high

high

high

high

high

high

high

high

high

high

high

high