CVE-2026-33899 | ImageMagick up to 6.9.13-43/7.1.2-18 XML File Parser heap-based overflow (GHSA-cr67-pvmx-2pp2)

A vulnerability classified as critical was found in ImageMagick up to 6.9.13-43/7.1.2-18. Impacted is an unknown function of the component XML File Parser. The manipulation results in heap-based buffer overflow.

This vulnerability is reported as CVE-2026-33899. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More