CVE-2026-61858 - CERT CVE
ID CVE-2026-61858
Sažetak ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external delegates due to missing validation checks. Attackers can write files to disallowed paths by bypassing configured policy restrictions through the APNG encoding process.
Reference
CVSS
Base: 3.3
Impact: 1.4
Exploitability:1.8
Pristup
VektorSloženostAutentikacija
LOCAL LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
NONE LOW NONE
CVSS vektor CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Zadnje važnije ažuriranje 11-07-2026 - 14:16
Objavljeno 11-07-2026 - 14:16