PT-2026-57445 · Unknown · Imagemagick

Rexpository

·

Published

2026-07-11

·

Updated

2026-07-11

·

CVE-2026-61858

CVSS v3.1

3.3

Low

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-26
Description A policy bypass exists in the APNG encoder and external delegates caused by missing validation checks. This allows attackers to bypass configured policy restrictions during the APNG encoding process to write files to disallowed paths.
Recommendations Update to version 7.1.2-26 or later.

Fix

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-61858

Affected Products

Imagemagick