ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json output, resulting in a crash. This issue has been fixed in version 7.1.2-19.

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6240 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6240-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     May 01, 2026                          https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : imagemagick     CVE ID         : CVE-2026-32636 CVE-2026-33535 CVE-2026-33536 CVE-2026-33899                      CVE-2026-33900 CVE-2026-33901 CVE-2026-33902 CVE-2026-33905                      CVE-2026-33908 CVE-2026-34238 CVE-2026-40169 CVE-2026-40183                      CVE-2026-40310 CVE-2026-40311 CVE-2026-40312

    Multiple security vulnerabilities were discovered in imagemagick, a     software suite used for editing and manipulating digital images, which     could lead to denial of service, information disclosure or potentially     arbitrary code execution if malformed images are processed.

    For the stable distribution (trixie), these problems have been fixed in     version 8:7.1.1.43+dfsg1-1+deb13u8.

    We recommend that you upgrade your imagemagick packages.

    For the detailed security status of imagemagick please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/imagemagick

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1611 advisory.

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below 7.1.2-189 and 6.9.13-44, when `Magick` parses an XML file it is possible that a single zero byte is     written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33899)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset     is set through the `sample:offset` define that could lead to an out of bounds read. This issue has been     fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33905)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the `DestroyXMLTree()`     function; however, this process is executed recursively with no depth limit imposed. When Magick processes     an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of     Service (DoS) attack. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33908)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json     output, resulting in a crash. This issue has been fixed in version 7.1.2-19. (CVE-2026-40169)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions     below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user     specifies an invalid sampling index. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19.
    (CVE-2026-40310)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions     below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when     reading and printing values from an invalid XMP profile. This issue has been fixed in versions 6.9.13-44     and 7.1.2-19. (CVE-2026-40311)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3278 advisory.

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to     7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 `display` interaction path     that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the issue. (CVE-2026-33535)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to     7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented     past the end of a buffer that is on the stack and that could result in an out of bounds write. Versions     7.1.2-18 and 6.9.13-43 patch the issue. (CVE-2026-33536)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below 7.1.2-189 and 6.9.13-44, when `Magick` parses an XML file it is possible that a single zero byte is     written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33899)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset     is set through the `sample:offset` define that could lead to an out of bounds read. This issue has been     fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33905)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the `DestroyXMLTree()`     function; however, this process is executed recursively with no depth limit imposed. When Magick processes     an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of     Service (DoS) attack. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19. (CVE-2026-33908)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json     output, resulting in a crash. This issue has been fixed in version 7.1.2-19. (CVE-2026-40169)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions     below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user     specifies an invalid sampling index. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19.
    (CVE-2026-40310)

    ImageMagick is free and open-source software used for editing and manipulating digital images. Versions     below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when     reading and printing values from an invalid XMP profile. This issue has been fixed in versions 6.9.13-44     and 7.1.2-19. (CVE-2026-40311)

    ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is     read. This issue has been fixed in version 7.1.2-19. (CVE-2026-40312)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

An update of the ImageMagick package has been released.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1597-1 advisory.

    - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing (bsc#1262154).
    - CVE-2026-33900: Denial of Service via integer truncation in viff encoder (bsc#1262156).
    - CVE-2026-33901: Denial of Service due to heap buffer overflow in MVG decoder (bsc#1262155).
    - CVE-2026-33905: Denial of service via out-of-bounds read in -sample operation (bsc#1262097).
    - CVE-2026-33908: Denial of Service via deeply nested XML file processing (bsc#1262152).
    - CVE-2026-34238: Denial of Service via integer overflow in despeckle operation (bsc#1262147).
    - CVE-2026-40169: Denial of Service via crafted image leading to out-of-bounds write (bsc#1262150).
    - CVE-2026-40183: Denial of Service via heap write overflow in JXL encoder (bsc#1262145).
    - CVE-2026-40310: Denial of service via heap out-of-bounds write in JP2 encoder (bsc#1262148).
    - CVE-2026-40311: Denial of Service via heap use-after-free in XMP profile processing (bsc#1262146).
    - CVE-2026-40312: Denial of Service via malicious MSL file processing (bsc#1262149).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1598-1 advisory.

    - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing (bsc#1262154).
    - CVE-2026-33900: Denial of Service via integer truncation in viff encoder (bsc#1262156).
    - CVE-2026-33901: Denial of Service due to heap buffer overflow in MVG decoder (bsc#1262155).
    - CVE-2026-33902: Denial of Service via deeply nested expression in FX parser (bsc#1262153).
    - CVE-2026-33905: Denial of service via out-of-bounds read in -sample operation (bsc#1262097).
    - CVE-2026-33908: Denial of Service via deeply nested XML file processing (bsc#1262152).
    - CVE-2026-34238: Denial of Service via integer overflow in despeckle operation (bsc#1262147).
    - CVE-2026-40169: Denial of Service via crafted image leading to out-of-bounds write (bsc#1262150).
    - CVE-2026-40183: Denial of Service via heap write overflow in JXL encoder (bsc#1262145).
    - CVE-2026-40310: Denial of service via heap out-of-bounds write in JP2 encoder (bsc#1262148).
    - CVE-2026-40311: Denial of Service via heap use-after-free in XMP profile processing (bsc#1262146).
    - CVE-2026-40312: Denial of Service via malicious MSL file processing (bsc#1262149).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20606-1 advisory.

    - CVE-2026-32259: stack out-of-bounds write due to a memory allocation failure in the sixel encoder can     lead to a crash       (bsc#1259612).
    - CVE-2026-32636: out-of-bounds write of a single zero byte due to bug the `NewXMLTree` method can lead to     denial of       service (bsc#1259872).
    - CVE-2026-33535: out-of-bounds write of a zero byte in X11 `display` interaction path can lead to a crash       (bsc#1260874).
    - CVE-2026-33536: stack out-of-bounds write due to incorrect return value on certain platforms can lead to     a denial of       service (bsc#1260879).
    - CVE-2026-33899: out-of-bounds write of single zero byte in XML parsing can lead to a denial of service     (bsc#1262154).
    - CVE-2026-33900: heap out-of-bounds write due to integer truncation in viff encoder can lead to a crash     (bsc#1262156).
    - CVE-2026-33901: heap buffer overflow in the MVG decoder can lead to memory corruption or a crash     (bsc#1262155).
    - CVE-2026-33902: stack buffer overflow in the FX expression parser can lead to a process crash     (bsc#1262153).
    - CVE-2026-33905: out-of-bounds read in `-sample` operation can lead to a denial of service (bsc#1262097).
    - CVE-2026-33908: recursive execution with no depth limit imposed when processing XML files can lead to     resource       exhaustion and a denial of service (bsc#1262152).
    - CVE-2026-34238: heap buffer overflow due to integer overflow in the despeckle operation can lead to a     denial of       service (bsc#1262147).
    - CVE-2026-40169: out-of-bounds heap write when processing a crafted image and writing a YAML or JSON     output can lead       to a crash (bsc#1262150).
    - CVE-2026-40183: heap out-of-bounds write in the JXL encoder can lead to a denial of service     (bsc#1262145).
    - CVE-2026-40310: heap out-of-bounds write in the JP2 encoder can lead to a denial of service     (bsc#1262148).
    - CVE-2026-40311: heap use-after-free when reading and printing values from an invalid XMP profile can     lead to a denial       of service (bsc#1262146).
    - CVE-2026-40312: off-by-one error in the MSL decoder can lead to a crash (bsc#1262149).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - ImageMagick is free and open-source software used for editing and manipulating digital images. In versions     below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json     output, resulting in a crash. This issue has been fixed in version 7.1.2-19. (CVE-2026-40169)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
311488	Debian dsa-6240 : imagemagick - security update	Nessus	Debian Local Security Checks	high
311318	Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1611)	Nessus	Amazon Linux Local Security Checks	high
311220	Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3278 (ALAS-2026-3278)	Nessus	Amazon Linux Local Security Checks	high
311150	Photon OS 5.0: Imagemagick PHSA-2026-5.0-0830	Nessus	PhotonOS Local Security Checks	high
310894	Photon OS 4.0: Imagemagick PHSA-2026-4.0-1002	Nessus	PhotonOS Local Security Checks	high
310242	SUSE SLES15 Security Update : ImageMagick (SUSE-SU-2026:1597-1)	Nessus	SuSE Local Security Checks	high
310224	SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2026:1598-1)	Nessus	SuSE Local Security Checks	high
310088	openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2026:20606-1)	Nessus	SuSE Local Security Checks	high
306413	Linux Distros Unpatched Vulnerability : CVE-2026-40169	Nessus	Misc.	medium

Detections

Analytics

CVE-2026-40169

medium

Tenable Plugins

high

high

high

high

high

high

high

high

medium