Policy Check Vulnerability in ImageMagick Software by ImageMagick
CVE-2026-55628
5.5MEDIUM
What is CVE-2026-55628?
In versions prior to 7.1.2-26he of ImageMagick, the implementation of the -concatenate operation lacked proper policy checks. This oversight allowed unauthorized reading and writing to paths that should have been restricted according to the security policy. Users are advised to update to version 7.1.2-26 or later to mitigate this risk and enhance their system's security.
Affected Version(s)
ImageMagick < 7.1.2-26