PT-2026-51514 · Imagemagick · Imagemagick
Phenggeler
·
Published
2026-06-23
·
Updated
2026-06-23
·
CVE-2026-56379
CVSS v3.1
0.0
None
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N |
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering.
Fix
Improper Encoding or Escaping of Output
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Imagemagick