CVE-2026-32636 | ImageMagick up to 6.9.13-41/7.1.2-16 Image Parser NewXMLTree out-of-bounds write (GHSA-gc62-2v5p-qpmp)

Inserito da Angelo Barbosa | Mar 19, 2026 | CVE

A vulnerability has been found in ImageMagick up to 6.9.13-41/7.1.2-16 and classified as critical. Affected by this issue is the function NewXMLTree of the component Image Parser. Performing a manipulation results in out-of-bounds write.

This vulnerability is reported as CVE-2026-32636. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-32636 | ImageMagick up to 6.9.13-41/7.1.2-16 Image Parser NewXMLTree out-of-bounds write (GHSA-gc62-2v5p-qpmp)

Post correlati

CVE-2024-9455 | WP Cleanup and Basic Functions Plugin up to 2.2.1 on WordPress SVG File Upload cross site scripting

CVE-2022-25037 | wanEditor 4.7.11 Image Upload cross site scripting (Issue 3870)

CVE-2025-54792 | LocalSend up to 1.17.0 channel accessible (GHSA-424h-5f6m-x63f)

CVE-2023-46360 | Hardy Barth cPH2 eCharge Ladestation up to 1.87.0 unnecessary privileges