PT-2026-42814 · Unknown+1 · Imagemagick+1

CVE-2026-47166

·

Published

2026-05-21

·

Updated

2026-07-15

CVSS v3.1

5.7

Medium

VectorAV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions ImageMagick (affected versions not specified)
Description An attacker capable of connecting to a magick -distribute-cache service can trigger a heap buffer over-read in the server process. A heap buffer over-read occurs when a program reads data past the end of the intended buffer on the heap, potentially leading to information disclosure or application crashes.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Out of bounds Read

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-10014
CVE-2026-47166
ECHO-0D78-6C28-581D
GHSA-6GXQ-F64P-5W6F
OESA-2026-2386
OESA-2026-2387
OESA-2026-2388
OESA-2026-2389
OESA-2026-2463
OPENSUSE-SU-2026:11061-1
OPENSUSE-SU-2026:21071-1
SUSE-SU-2026:22378-1
SUSE-SU-2026:2580-1
SUSE-SU-2026:2877-1
SUSE-SU-2026:3023-1
SUSE-SU-2026:3024-1

Affected Products

Imagemagick
Red Os