Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 02 Jul 2026 12:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-1220 | |
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Thu, 02 Jul 2026 04:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Imagemagick
Imagemagick imagemagick |
|
| Vendors & Products |
Imagemagick
Imagemagick imagemagick |
Wed, 01 Jul 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In versions prior to 7.1.2-26he, the `-concatenate` operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26. | |
| Title | ImageMagick: Policy Bypass in concatenate operation due to missing checks | |
| Weaknesses | CWE-73 CWE-862 |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-07-01T18:34:34.320Z
Reserved: 2026-06-16T23:52:12.055Z
Link: CVE-2026-55628
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-07T14:30:04Z