Cyber Resilience

CVE-2026-33855

Severity: Medium
Published: 24 March 2026
Modified: 26 March 2026
KEV Added: not listed
CVSS v3.1 score: 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
EPSS score: 0.0003 (9.8th percentile)
Risk Priority: 11 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-33855 is a medium-severity Integer Overflow or Wraparound (CWE-190) vulnerability in MolotovCherry Android-ImageMagick7. Its CVSS v3.1 base score is 5.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious Image (T1204.003). The vulnerability ranks at the 9.8th percentile by EPSS exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST SP 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).

Deeper analysis

CVE-2026-33855 is an Integer Overflow or Wraparound vulnerability (CWE-190) in the MolotovCherry Android-ImageMagick7 library. This issue affects versions of Android-ImageMagick7 prior to 7.1.2-11. Published on 2026-03-24, it carries a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H), indicating medium severity with primary impact on availability.

A local attacker requires no privileges but depends on user interaction to exploit the vulnerability. By tricking a user into processing a maliciously crafted image file with the affected library, the attacker can trigger the integer overflow, resulting in a denial of service (application crash or resource exhaustion) with no impact on confidentiality or integrity.

Mitigation is addressed in the GitHub pull request at https://github.com/MolotovCherry/Android-ImageMagick7/pull/187, which fixes the issue in version 7.1.2-11. Affected Android applications should update the Android-ImageMagick7 library to 7.1.2-11 or later to prevent exploitation.


Vulnerability details

Integer Overflow or Wraparound vulnerability in MolotovCherry Android-ImageMagick7. This issue affects Android-ImageMagick7: before 7.1.2-11.

CWE(s): CWE-190 Integer Overflow or Wraparound

Related Threats

MITRE ATT&CK Enterprise Techniques

T1204.003 Malicious Image (tactic: Execution)
Adversaries may rely on a user running a malicious image to facilitate execution.

T1499.004 Application or System Exploitation (tactic: Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Why these techniques?

An integer overflow in an image-processing library enables denial of service via a crafted image that a user must open or process (T1204.003), combined with exploitation of the application to impact availability (T1499.004).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-33856 (same product: MolotovCherry Android-ImageMagick7)
CVE-2026-33853 (same product: MolotovCherry Android-ImageMagick7)
CVE-2026-4755 (same product: MolotovCherry Android-ImageMagick7)
CVE-2026-33854 (same product: MolotovCherry Android-ImageMagick7)
CVE-2026-33852 (same product: MolotovCherry Android-ImageMagick7)
CVE-2026-4756 (same product: MolotovCherry Android-ImageMagick7)
CVE-2026-33040 (shared CWE-190)
CVE-2026-6773 (shared CWE-190)
CVE-2026-27951 (shared CWE-190)
CVE-2025-29072 (shared CWE-190)

Affected Assets

Vendor: molotovcherry
Product: android-imagemagick7
Versions: ≤ 7.1.2-11 (the vulnerability details above give the affected range as before 7.1.2-11, with the fix in 7.1.2-11)

Mitigating Controls (NIST 800-53 r5)

Prevent (SI-2, Flaw Remediation): Directly requires timely remediation by updating the vulnerable Android-ImageMagick7 library to version 7.1.2-11 or later to eliminate the integer overflow vulnerability.

Detect (RA-5, Vulnerability Monitoring and Scanning): Vulnerability scanning identifies systems using vulnerable versions of Android-ImageMagick7 affected by CVE-2026-33855.

Prevent (input validation): Validates image file inputs prior to processing to block maliciously crafted images that trigger the integer overflow leading to denial of service.
