Loading market data...
← Back to CVE feed

CVE-2026-61858

LOW CVSS 3.3 View on NVD ↗

Description

ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external delegates due to missing validation checks. Attackers can write files to disallowed paths by bypassing configured policy restrictions through the APNG encoding process.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Published: Jul 11, 2026 14:16 UTC Modified: Jul 11, 2026 14:16 UTC