CVE-2026-28693 - Vulnerability Analysis
High
CVSS: 8.1
Last Updated: March 11, 2026
ImageMagick - Integer Overflow
Overview
ImageMagick versions before 7.1.2-16 and before 6.9.13-41 contain an integer overflow caused by improper handling in the DIB coder, which lets attackers cause an out-of-bounds read or write. Exploitation requires crafted image input.
Severity & Score
Impact
Attackers can cause an out-of-bounds read or write, potentially leading to memory corruption or denial of service.
Mitigation
Update to version 7.1.2-16 or 6.9.13-41, or later.
Social Media Activity (1 post)
#OT #Advisory VDE-2026-021 WAGO: Multiple Vulnerabilities in WAGO VC Hub The VC Hub incorporates the Magick.NET‑Q16‑AnyCPU component, derived from ImageMagick, to process user‑uploaded images and generate thumbnails within the projects image library. Only authenticated users with the Design Project Permission can upload images. #CVE CVE-2026-25983, CVE-2026-25897, CVE-2026-25987, CVE-2026-25898, CVE-2026-25794, CVE-2026-28693, CVE-2026-25966, CVE-2026-30929, CVE-2026-28691, CVE-2026-26283, CVE-2026-26066, CVE-2026-25989, CVE-2026-25988, CVE-2026-25985, CVE-2026-25969, CVE-2026-25967, CVE-2026-25965, CVE-2026-25799, CVE-2026-25798, CVE-2026-25796, CVE-2026-25795, CVE-2026-24485, CVE-2026-24481, CVE-2026-28494, CVE-2026-30937, CVE-2026-30931, CVE-2026-28686, CVE-2026-28690, CVE-2026-28493, CVE-2026-28689, CVE-2026-30883, CVE-2026-31853, CVE-2026-30936, CVE-2026-28687, CVE-2026-28688, CVE-2026-26983, CVE-2026-25797, CVE-2026-25638, CVE-2026-25637, CVE-2026-24484, CVE-2026-25576, CVE-2026-28692, CVE-2026-30935, CVE-2026-27799, CVE-2026-27798 https://certvde.com/en/advisories/vde-2026-021/ #CSAF https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-021.json
Details
- CVE ID: CVE-2026-28693
- Severity: High
- CVSS Score: 8.1
- Type: integer_overflow
- Status: unconfirmed
- EPSS: 5.9%
- Social Posts: 1
CWE
- CWE-125
CVSS Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H