PatchSiren cyber security CVE debrief
CVE-2026-25965 ImageMagick CVE debrief
CVE-2026-25965 is a high-severity vulnerability in ImageMagick, free and open-source software for editing and manipulating digital images. The vulnerability has a CVSS score of 8.6 and is classified as HIGH. It was published on February 24, 2026, and modified on June 30, 2026. The vulnerability allows local file disclosure (LFI) due to a path traversal issue in ImageMagick's path security policy: the policy rules can be bypassed, so sensitive files can be read.
- Vendor: ImageMagick
- Product: Unknown
- CVSS: HIGH 8.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-02-24
- Original CVE updated: 2026-06-30
- Advisory published: 2026-02-24
- Advisory updated: 2026-06-30
Who should care
Organizations running ImageMagick versions prior to 7.1.2-15 or 6.9.13-40 are affected by this vulnerability. Users who have applied the policy-secure.xml configuration but have not updated their ImageMagick version are also at risk, because the bypass is in how the policy is enforced rather than in any single policy entry. These organizations should take immediate action to mitigate the vulnerability.
Technical summary
The vulnerability exists because ImageMagick's path security policy is evaluated against the raw filename string before the filesystem resolves it, so a filename that does not literally match a rule can still resolve to a location the rule was meant to protect. This allows the policy rules to be bypassed and leads to local file disclosure. The issue is fixed in ImageMagick versions 7.1.2-15 and 6.9.13-40, and updating is the primary mitigation. In addition, adding specific entries to the policy can prevent writing to files and help ensure that the policy is enforced correctly.
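To make the enforcement-order point concrete, the following is an added illustration written for this debrief; it is not ImageMagick's code, not its policy format, and not the project's fix. It assumes a constructed one-rule policy (deny reads under /etc) and a constructed working directory, and contrasts a check applied to the raw filename string with one applied only after the path has been joined with the working directory, normalised, and had symlinks followed. The audit helper returns the inputs the raw check accepts but the resolved check rejects, which is the gap a defender would want to find in any policy layer that matches on unresolved names.

```python
import os

# Constructed rule set for this example (an assumption, not ImageMagick's
# policy syntax): reads are denied anywhere under these directories.
DENIED_DIRS = ("/etc",)


def _under(path: str, directory: str) -> bool:
    """True if path is the directory itself or lies beneath it, component-wise
    (so '/etcetera/x' does not match a rule for '/etc')."""
    directory = directory.rstrip("/")
    return path == directory or path.startswith(directory + "/")


def policy_allows_raw(filename: str) -> bool:
    """Weak check: the rule is matched against the raw filename string.
    A relative name containing '..' does not literally start with '/etc',
    so it passes even though the filesystem will resolve it there."""
    return not any(_under(filename, d) for d in DENIED_DIRS)


def policy_allows_resolved(filename: str, cwd: str) -> bool:
    """Hardened check: join with the working directory, collapse '.' and '..',
    follow symlinks, and only then match the canonical path against the rule.
    The denied directories are canonicalised the same way so that a symlinked
    system directory cannot slip past a plain string comparison."""
    resolved = os.path.realpath(os.path.join(cwd, filename))
    return not any(_under(resolved, os.path.realpath(d)) for d in DENIED_DIRS)


def audit(filenames, cwd: str):
    """Return the filenames the raw-string check allows but the resolved-path
    check denies: exactly the cases a policy enforced before resolution
    gets wrong."""
    return [f for f in filenames
            if policy_allows_raw(f) and not policy_allows_resolved(f, cwd)]


# Constructed sample inputs: one benign name, one literal match, two traversals.
SAMPLE = [
    "cat.png",
    "/etc/passwd",
    "../../../etc/passwd",
    "sub/../../../../etc/hosts",
]
SAMPLE_CWD = "/srv/images"  # constructed working directory for the example

if __name__ == "__main__":
    for name in SAMPLE:
        print(f"{name!r}: raw={policy_allows_raw(name)} "
              f"resolved={policy_allows_resolved(name, SAMPLE_CWD)}")
    print("accepted by raw check, denied after resolution:", audit(SAMPLE, SAMPLE_CWD))
```

The design choice worth carrying over to any policy engine is that both sides of the comparison are canonicalised: the candidate path after joining and resolving, and the rule's directory as well, so the decision is made on what the filesystem will actually open rather than on the string the caller supplied.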
Defensive priority
High priority should be given to updating ImageMagick to versions 7.1.2-15 or 6.9.13-40. Additionally, organizations should review and update their policy configurations to prevent potential bypasses.
Recommended defensive actions
- Update ImageMagick to version 7.1.2-15 or 6.9.13-40.
- Review and update policy configurations to prevent potential bypasses.
- Monitor for any suspicious activity related to ImageMagick.
- Perform regular vulnerability assessments and penetration testing.
- Implement compensating controls, such as restricting access to sensitive files.
Evidence notes
The vulnerability was published on February 24, 2026, and modified on June 30, 2026. The CVSS score is 8.6, and the severity is classified as HIGH. The vulnerability affects ImageMagick versions prior to 7.1.2-15 and 6.9.13-40.
Official resources
- CVE-2026-25965 CVE record (CVE.org)
- CVE-2026-25965 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Third Party Advisory
- Source reference: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
This article is AI-assisted and based on the supplied source corpus.