{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28687", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-02T21:43:19.927Z", "datePublished": "2026-03-09T21:37:24.006Z", "dateUpdated": "2026-03-10T16:01:57.138Z"}, "containers": {"cna": {"title": "ImageMagick has a Heap Use-After-Free in ImageMagick MSL decoder", "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "lang": "en", "description": "CWE-416: Use After Free", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fpvf-frm6-625q", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fpvf-frm6-625q"}], "affected": [{"vendor": "ImageMagick", "product": "ImageMagick", "versions": [{"version": ">= 7.0.0, < 7.1.2-16", "status": "affected"}, {"version": "< 6.9.13-41", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-09T21:37:24.006Z"}, "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41."}], "source": {"advisory": "GHSA-fpvf-frm6-625q", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-10T16:01:50.513169Z", "id": "CVE-2026-28687", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-10T16:01:57.138Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-28687", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-10T16:01:50.513169Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-10T16:01:53.982Z"}}], "cna": {"title": "ImageMagick has a Heap Use-After-Free in ImageMagick MSL decoder", "source": {"advisory": "GHSA-fpvf-frm6-625q", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "ImageMagick", "product": "ImageMagick", "versions": [{"status": "affected", "version": ">= 7.0.0, < 7.1.2-16"}, {"status": "affected", "version": "< 6.9.13-41"}]}], "references": [{"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fpvf-frm6-625q", "name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fpvf-frm6-625q", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416: Use After Free"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-09T21:37:24.006Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28687", "state": "PUBLISHED", "dateUpdated": "2026-03-10T16:01:57.138Z", "dateReserved": "2026-03-02T21:43:19.927Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-09T21:37:24.006Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFFB7C48-4211-4215-9C0B-D285B8E09CF1", "versionEndExcluding": "6.9.13-41", "vulnerable": true}, {"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "matchCriteriaId": "865783BD-5A33-4D05-AF99-E6EFE76414D1", "versionEndExcluding": "7.1.2-16", "versionStartIncluding": "7.0.0-0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41."}], "id": "CVE-2026-28687", "lastModified": "2026-03-12T15:09:43.583", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-10T07:43:43.660", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fpvf-frm6-625q"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "ImageMagick: ImageMagick: Heap use-after-free vulnerability allows denial of service via crafted MSL file", "id": "2445897", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445897"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-825", "details": ["A flaw was found in ImageMagick, free and open-source software used for editing and manipulating digital images. A heap use-after-free vulnerability in ImageMagick's MSL (Magick Scripting Language) decoder allows an attacker to trigger access to freed memory by crafting a malicious MSL file. This can lead to a denial of service."], "mitigation": {"lang": "en:us", "value": "To reduce the risk of exploitation, avoid processing untrusted or suspicious MSL files with ImageMagick. Implement strict input validation and ensure that ImageMagick only processes files from trusted sources. If ImageMagick is deployed in a server environment, consider isolating the application within a sandboxed environment to limit potential impact."}, "name": "CVE-2026-28687", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2026-03-09T21:37:24Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-28687\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-28687\nhttps://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fpvf-frm6-625q"], "statement": "MODERATE: This flaw in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by processing a specially crafted MSL file. This could lead to application crashes or potentially arbitrary code execution. Red Hat Enterprise Linux 6 ELS and 7 ELS are affected by this vulnerability.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[7.0.0,7.1.2-16)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,6.9.13-41)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "ImageMagick", "source": "cna", "vendor": "ImageMagick"}, "product": "imagemagick", "vendor": "imagemagick"}], "created": "2026-03-10T14:06:52.545753+00:00", "updated": "2026-03-10T14:06:52.545833+00:00", "vendors": ["imagemagick", "imagemagick$PRODUCT$imagemagick"]}