CVE-2026-33536

CVSS v3.1

5.1

Medium

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-18 ImageMagick versions prior to 6.9.13-43

Description ImageMagick is free and open-source software used for editing and manipulating digital images. Due to an incorrect return value on certain platforms, a pointer is incremented past the end of a buffer on the stack, potentially resulting in an out-of-bounds write. The issue occurs when a specific function returns an incorrect value, leading to memory corruption.

Recommendations Versions prior to 7.1.2-18 should be updated to version 7.1.2-18 or later. Versions prior to 6.9.13-43 should be updated to version 6.9.13-43 or later.

Exploit

Fix

Memory Corruption

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

CVE-2026-33536

ECHO-F535-0049-4D66

GHSA-8793-7XV6-82CF

OESA-2026-1717

OESA-2026-1718

OESA-2026-1719

OESA-2026-1720

OESA-2026-1721

OESA-2026-1722

OPENSUSE-SU-2026:10465-1

OPENSUSE-SU-2026:20606-1

SUSE-SU-2026:1201-1

SUSE-SU-2026:1202-1

SUSE-SU-2026:1203-1

SUSE-SU-2026:1497-1

SUSE-SU-2026:21380-1

Affected Products

Imagemagick

CVE-2026-33536

Weakness Enumeration

Related Identifiers

Affected Products

References · 108