Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ImageMagick | ImageMagick | affected |
|
Configuration 1 [-]
|
No data.
| Vendor | Product | Confidence | Versions | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Imagemagick | Imagemagick | 100% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 Debian DLA |
DLA-4609-1 | imagemagick security update |
 Debian DSA |
DSA-6298-1 | imagemagick security update |
| Debian DSA |
DSA-6310-1 | imagemagick security update |
 Github GHSA |
GHSA-6gxq-f64p-5w6f | ImageMagick: Heap Buffer Over-Read in distributed pixel cache server |
Sat, 13 Jun 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Thu, 11 Jun 2026 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:* |
Thu, 11 Jun 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 10 Jun 2026 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Imagemagick
Imagemagick imagemagick |
|
| Vendors & Products |
Imagemagick
Imagemagick imagemagick |
Wed, 10 Jun 2026 22:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process. This issue has been patched in versions 6.9.13-48 and 7.1.2-23. | |
| Title | ImageMagick: Heap Buffer Over-Read in distributed pixel cache server | |
| Weaknesses | CWE-125 CWE-287 |
|
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-06-11T14:34:58.309Z
Reserved: 2026-05-18T21:25:34.497Z
Link: CVE-2026-47166
Vulnrichment
Updated: 2026-06-11T14:34:53.482Z
NVD
Status : Analyzed
Published: 2026-06-10T23:16:48.180
Modified: 2026-06-11T18:42:44.020
Link: CVE-2026-47166
Redhat
OpenCVE Enrichment
Updated: 2026-06-10T23:30:44Z