CVE-2026-30883

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-30883

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-30883.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2026-30883

Aliases

GHSA-qmw5-2p58-xvrc

Downstream

DEBIAN-CVE-2026-30883

DSA-6169-1

ECHO-78f1-a5b3-cb19

MGASA-2026-0067

MINI-q343-7w8j-chm9

OESA-2026-1692

OESA-2026-1693

OESA-2026-1694

OESA-2026-1695

OESA-2026-1696

OESA-2026-1697

ROOT-OS-DEBIAN-11-CVE-2026-30883

ROOT-OS-DEBIAN-12-CVE-2026-30883

SUSE-SU-2026:0938-1

SUSE-SU-2026:1201-1

SUSE-SU-2026:1202-1

SUSE-SU-2026:1203-1

SUSE-SU-2026:1497-1

SUSE-SU-2026:20917-1

UBUNTU-CVE-2026-30883

USN-8127-1

openSUSE-SU-2026:10386-1

openSUSE-SU-2026:10391-1

openSUSE-SU-2026:20405-1

openSUSE-SU-2026:20441-1

Related

Published

2026-03-09T21:45:55.110Z

Modified

2026-05-15T04:14:34.350617446Z

Severity

5.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H CVSS Calculator

Summary

ImageMagick has a Heap Overflow when writing extremely large image profile in the PNG encoder

Details

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap overflow when encoding a PNG image. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Database specific

{
    "cwe_ids": [
        "CWE-119"
    ],
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "fixed": "6.9.13-41"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/30xxx/CVE-2026-30883.json",
    "cna_assigner": "GitHub_M"
}

References

Affected packages