CVE-2026-25965 | ImageMagick up to 6.9.13-39/7.1.2-14 Image Parser file inclusion (GHSA-8jvj-p28h-9gm7)

Inserito da Angelo Barbosa | Feb 24, 2026 | CVE

A vulnerability has been found in ImageMagick up to 6.9.13-39/7.1.2-14 and classified as critical. The impacted element is an unknown function of the component Image Parser. This manipulation causes file inclusion.

This vulnerability is tracked as CVE-2026-25965. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-25965 | ImageMagick up to 6.9.13-39/7.1.2-14 Image Parser file inclusion (GHSA-8jvj-p28h-9gm7)

Post correlati

CVE-2024-10458 | Mozilla Firefox up to 131 permission

CVE-2025-65019 | withastro up to 5.15.8 Image Optimization Endpoint isRemoteAllowed cross site scripting

CVE-2025-71246 | SPIP up to 4.4.7 echapper_html_suspect cross site scripting

CVE-2024-3759 | OpenHarmony up to 4.0.0 TCB use after free