{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T19:48:08.203","vulnerabilities":[{"cve":{"id":"CVE-2026-28688","sourceIdentifier":"security-advisories@github.com","published":"2026-03-10T07:43:43.813","lastModified":"2026-03-12T15:08:20.260","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image is destroyed twice. The MSL coder does not support writing MSL so the write capability has been removed. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41."},{"lang":"es","value":"ImageMagick es un software libre y de código abierto utilizado para editar y manipular imágenes digitales. Antes de las versiones 7.1.2-16 y 6.9.13-41, existe una vulnerabilidad de uso después de liberación de heap en el codificador MSL, donde una imagen clonada es destruida dos veces. El codificador MSL no soporta la escritura de MSL, por lo que la capacidad de escritura ha sido eliminada. Esta vulnerabilidad está corregida en 7.1.2-16 y 6.9.13-41."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":4.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.5,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*","versionEndExcluding":"6.9.13-41","matchCriteriaId":"EFFB7C48-4211-4215-9C0B-D285B8E09CF1"},{"vulnerable":true,"criteria":"cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0-0","versionEndExcluding":"7.1.2-16","matchCriteriaId":"865783BD-5A33-4D05-AF99-E6EFE76414D1"}]}]}],"references":[{"url":"https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xxw5-m53x-j38c","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}