PT-2026-41686 · Imagemagick+5 · Imagemagick+19

Published

2026-05-18

·

Updated

2026-06-10

·

CVE-2026-42326

CVSS v3.1

5.1

Medium

VectorAV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Name of the Vulnerable Software and Affected Versions The product name cannot be determined (affected versions not specified)
Description A malicious input file can cause an out-of-bounds read of a single byte when writing an IPTC output file. An out-of-bounds read occurs when a program reads data past the end or before the beginning of the intended buffer.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Integer Underflow

Weakness Enumeration

CWE-125CWE-191

Related Identifiers

CVE-2026-42326
ECHO-5273-C4A4-86BD
GHSA-7WFF-WPR6-VMHM
OESA-2026-2386
OESA-2026-2387
OESA-2026-2388
OESA-2026-2389
OESA-2026-2463

Affected Products

Imagemagick
Magick.Net-Q16-Anycpu
Magick.Net-Q16-Hdri-Anycpu
Magick.Net-Q16-Hdri-Openmp-Arm64
Magick.Net-Q16-Hdri-Openmp-X64
Magick.Net-Q16-Hdri-Arm64
Magick.Net-Q16-Hdri-X64
Magick.Net-Q16-Hdri-X86
Magick.Net-Q16-Openmp-Arm64
Magick.Net-Q16-Openmp-X64
Magick.Net-Q16-Arm64
Magick.Net-Q16-X64
Magick.Net-Q16-X86
Magick.Net-Q8-Anycpu
Magick.Net-Q8-Openmp-Arm64
Magick.Net-Q8-Openmp-X64
Magick.Net-Q8-Arm64
Magick.Net-Q8-X64
Magick.Net-Q8-X86
Rootio-Imagemagick