SecAlerts
CVE ListPricingSign Up
imagemagick logo

imagemagick

Security Risk Profile

37
/100
low

Security Risk Score

Comprehensive risk assessment based on 864 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from July 4, 2003 to present

864
Total CVEs
335
Critical+High
3
Exploited
30
Unpatched

Threat Assessment

Avg CVSS
6.5
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
30
Critical/High
Risk Level
37/100
low
⚠️ 3 Active Exploits🆕 2Fresh (<7d)📈 3 in Last 30 Days

Severity Distribution

Critical
54
High
281
Medium
478
Low
40

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
57

Age Distribution

Common Weaknesses (CWE)

1
Buffer Overflow
141
2
Integer Overflow
64
3
Null Pointer Dereference
41
4
Input Validation
33
5
Use After Free
26

Most Affected Products

1. ImageMagick2659
2. ImageMagick ImageMagick930
3. debian/imagemagick387
4. Canonical Ubuntu Linux383
5. Debian Debian Linux273

Recent Vulnerabilities

See more →
https://seclists.org/oss-sec/2026/q2/652
unknown

On the issue of MIME handlers that execute arbitrary code (e.g. Wine)

5/21/2026🔧 No Patch
CVE-2026-42050
CVSS 5.5medium

ImageMagick: Stack buffer overflow in XTileImage

5/11/2026🔧 No Patch
CVE-2026-40312
CVSS 6.2medium

ImageMagick: Off-by-One in MSL decoder could result in crash

4/13/2026
CVE-2026-40311
CVSS 5.5medium

ImageMagick: Heap-use-after-free via XMP profile could result in a crash when printing values

4/13/2026
CVE-2026-40310
CVSS 5.5medium

ImageMagick: Heap out-of-bounds write in JP2 encoder

4/13/2026
CVE-2026-40183
CVSS 5.5medium

ImageMagick: Heap buffer overflow when encoding JXL image with a 16-bit float

4/13/2026
CVE-2026-40169
CVSS 6.2medium

ImageMagick: Heap buffer overflow (WRITE) in the YAML and JSON encoders

4/13/2026
CVE-2026-33908
CVSS 7.5high

ImageMagick is vulnerable to Stack Overflow in DestroyXMLTree()

4/13/2026
CVE-2026-33905
CVSS 7.1high

ImageMagick has an Out-of-Bounds read via -sample operation

4/13/2026
CVE-2026-33902
CVSS 5.5medium

ImageMagick: Stack Overflow via Recursive FX Expression Parsing

4/13/2026

Monitor imagemagick in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.

imagemagick Security Vulnerabilities & Risk Score | 864 CVEs | SecAlerts - SecAlerts