Home / Vulnerability Intelligence / CVE-2026-28693

CVE-2026-28693 - Vulnerability Analysis

HighCVSS: 8.1

Last Updated: March 11, 2026

ImageMagick - Integer Overflow

Published: March 10, 2026Updated: March 11, 2026Remote Exploitable

Overview

ImageMagick < 7.1.2-16 and < 6.9.13-41 contains an integer overflow caused by improper handling in DIB coder, letting attackers cause out of bounds read or write, exploit requires crafted image input.

Severity & Score

Severity: High

CVSS Score: 8.1

EPSS Score: 4.5%(Probability of exploitation in next 30 days)

Impact

Attackers can cause out of bounds read or write, potentially leading to memory corruption or denial of service.

Mitigation

Update to versions 7.1.2-16 or 6.9.13-41 or later.

References

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hffp-q43q-qq76

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 10, 2026

🟠 CVE-2026-28693 - High (8.1) ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB coder can result in out of bounds read or write. This vulnerability is fixed in 7.1... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28693/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-28693
Severity: High
CVSS Score: 8.1
Type: integer_overflow
Status: unconfirmed
EPSS: 4.5%
Social Posts: 1

CWE

CWE-125

CVSS Metrics

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.5%Probability of exploitation in the next 30 days