Multiple Critical Vulnerabilities in ImageMagick Affecting Mageia and SUSE Systems

Multiple Critical Vulnerabilities in ImageMagick Affecting Mageia and SUSE Systems

First seen 14 Jul 2026, 17:57 UTC Linuxsecurity 79% similarity 74.0

Article Content

Browse articles
ThreatCluster

Recent updates for ImageMagick have addressed numerous critical vulnerabilities affecting Mageia and SUSE systems. Mageia's advisory (MGASA-2026-0252) published on July 14, 2026, lists multiple CVEs, including CVE-2026-25797, CVE-2026-48724, and CVE-2026-53460, among others. These vulnerabilities include code injection, heap buffer over-writes, and stack overflows, which can lead to severe security breaches. Similarly, SUSE's advisory (SUSE-SU-2026:2877-1) from July 13, 2026, highlights issues such as integer overflow and heap information disclosure. The vulnerabilities can be exploited through crafted images, impacting users who utilize ImageMagick for image processing. Security teams are urged to apply patches immediately to mitigate risks associated with these vulnerabilities. The situation is critical, with active exploitation potential for several of the disclosed CVEs.

Key Points: • Mageia and SUSE systems are affected by multiple critical vulnerabilities in ImageMagick. • Vulnerabilities include code injection, heap over-writes, and stack overflows. • Immediate patching is necessary to mitigate risks from these vulnerabilities.

ThreatCluster AI

Timeline

2026-02-24
CVE-2026-25797 published
A code injection vulnerability in the HTML encoder was disclosed, leading to potential exploitation.
Linuxsecurity
2026-06-10
Multiple CVEs published
Several vulnerabilities including CVE-2026-48724 and CVE-2026-53460 were disclosed, affecting ImageMagick.
Linuxsecurity
2026-06-10
CVE-2026-53461 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-10
CVE-2026-48994 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-10
CVE-2026-53465 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-10
CVE-2026-53464 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-10
CVE-2026-53462 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-10
CVE-2026-49218 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-10
CVE-2026-53463 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-10
CVE-2026-48724 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE

Community

Browse all →