Cyber Resilience

CVE-2026-28693

HighUpdated

Published: 10 March 2026

Published
10 March 2026
Modified
30 June 2026
KEV Added
Patch
CVSS Score v3.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0024 15.4th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-28693 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Imagemagick Imagemagick. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 15.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-28693 is an integer overflow vulnerability in the DIB coder of ImageMagick, a free and open-source software suite for editing and manipulating digital images. The flaw affects ImageMagick versions prior to 7.1.2-16 and 6.9.13-41, where improper handling of image data can lead to out-of-bounds read or write operations. It is associated with CWE-125 (Out-of-bounds Read), CWE-190 (Integer Overflow or Wraparound), and CWE-787 (Out-of-bounds Write), and carries a CVSS v3.1 base score of 8.1 (High).

The vulnerability can be exploited remotely over a network by unauthenticated attackers (PR:N) without requiring user interaction (UI:N), though it demands high attack complexity (AC:H) and does not change the scope (S:U). Successful exploitation enables high-impact consequences, including unauthorized disclosure of sensitive information (C:H), modification of data or system integrity (I:H), and denial of service via availability disruption (A:H), such as through memory corruption.

The ImageMagick security advisory at https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hffp-q43q-qq76 confirms the issue and states that it is fixed in versions 7.1.2-16 and 6.9.13-41. Security practitioners should update to these patched releases to mitigate the vulnerability.

EU & UK References

Vulnerability details

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB coder can result in out of bounds read or write. This vulnerability is fixed in 7.1.2-16…

more

and 6.9.13-41.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Integer overflow in ImageMagick DIB coder enables remote unauthenticated exploitation of public-facing apps (T1190) processing images over the network, with memory corruption directly supporting application DoS via exploitation (T1499.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-32636Same product: Imagemagick Imagemagick
CVE-2026-25970Same product: Imagemagick Imagemagick
CVE-2026-25898Same product: Imagemagick Imagemagick
CVE-2026-25986Same product: Imagemagick Imagemagick
CVE-2026-33900Same product: Imagemagick Imagemagick
CVE-2026-25967Same product: Imagemagick Imagemagick
CVE-2026-25897Same product: Imagemagick Imagemagick
CVE-2026-25968Same product: Imagemagick Imagemagick
CVE-2026-33901Same product: Imagemagick Imagemagick
CVE-2026-25983Same product: Imagemagick Imagemagick

Affected Assets

imagemagick
imagemagick
≤ 6.9.13-41 · 7.0.0-0 — 7.1.2-16

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely patching of the integer overflow in ImageMagick's DIB coder, as fixed in versions 7.1.2-16 and 6.9.13-41, to eliminate the vulnerability.

prevent

Implements memory protections such as ASLR and DEP to prevent exploitation of out-of-bounds reads/writes caused by the integer overflow in ImageMagick.

prevent

Enforces validation and sanitization of image inputs to the DIB coder in ImageMagick to block malformed data triggering the integer overflow.

References