Skip to main content

ImageMagick EUVDEUVD-2026-36183

| CVE-2026-48994 MEDIUM
Heap-based Buffer Overflow (CWE-122)
N/A vendor:alpine GHSA-4v89-6mgq-6rgc
5.9
CVSS 3.1 · Vendor: vendor:alpine
Share

Severity by source

Vendor (vendor:alpine) PRIMARY
5.9 MEDIUM
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from Vendor (vendor:alpine) · only source for this CVE.

CVSS VectorVendor: vendor:alpine

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Patch available
Jun 25, 2026 - 23:04 EUVD
CVSS changed
Jun 10, 2026 - 23:22 NVD
5.9 (MEDIUM)
Analysis Generated
Jun 10, 2026 - 09:01 vuln.today

DescriptionCVE.org

Alpine Linux: imagemagick fixed in 7.1.2.24-r0

AnalysisAI

ImageMagick on Alpine Linux received a security fix in package version 7.1.2.24-r0. The specific vulnerability class, impact, and affected versions prior to the fix have not been disclosed in the available intelligence. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Unknown attack vector
Exploit
Trigger uncharacterized vulnerability in ImageMagick
Impact
Unconfirmed impact

Vulnerability AssessmentAI

Exploitation Exploitation conditions are entirely unknown - no vulnerability description, CVSS vector, or CWE was provided. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Risk cannot be meaningfully assessed from the available data. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario The specific exploit scenario cannot be constructed from the available data, as the vulnerability type, attack vector, and required conditions are undisclosed. ImageMagick historically has been exploited by supplying crafted image files to trigger memory corruption or code execution in applications that process user-uploaded images. …
Remediation Upgrade the ImageMagick package on Alpine Linux to version 7.1.2.24-r0 or later using the standard Alpine package manager: 'apk upgrade imagemagick'. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-36183 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy