Platform: imagemagick
Component: imagemagick
Fixed in: 7.0.1, 6.9.14
CVE-2026-25797 describes a code injection vulnerability in ImageMagick, a widely used image processing library. An attacker can inject malicious PostScript code into image files processed by ImageMagick, leading to arbitrary code execution when the file is opened by a viewer or printer. This vulnerability affects versions 7.0.0 through 7.1.1 and has been resolved in version 7.1.2-15.
Successful exploitation of CVE-2026-25797 allows an attacker to execute arbitrary code on the system processing the malicious image file. This could involve gaining control of the server, stealing sensitive data, or installing malware. The attack vector involves crafting a specially designed image file that, when processed by ImageMagick, injects PostScript code into the file's header. This injected code is then executed by the PostScript interpreter (e.g., Ghostscript) when the file is viewed or printed. The blast radius extends to any system that processes images created with the vulnerable ImageMagick version, including print servers, web servers serving images, and individual workstations.
CVE-2026-25797 was publicly disclosed on February 24, 2026. Currently, no public proof-of-concept exploits are widely available, but the vulnerability's nature suggests a moderate probability of exploitation (medium EPSS score). It's crucial to prioritize patching due to the potential for remote code execution. Monitor security advisories and threat intelligence feeds for any signs of active exploitation campaigns.
Systems running ImageMagick 7.0.0 through 7.1.1 are at risk, particularly those used in web applications, print servers, and automated image processing pipelines. Shared hosting environments where users can upload images are also at increased risk, as they may be vulnerable to malicious file uploads.
• linux / server:
find /usr/local/bin /opt/homebrew/bin -name 'magick' -print0 | xargs -0 file
• generic web:
curl -I https://example.com/image.ps | grep -i 'postscript'
EPSS: 0.02% (6th percentile)
The primary mitigation for CVE-2026-25797 is to upgrade ImageMagick to version 7.1.2-15 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds. These may include restricting file uploads to trusted sources, validating image file types rigorously, and using a Web Application Firewall (WAF) to filter potentially malicious PostScript code. Monitor ImageMagick logs for unusual activity or errors related to PostScript processing. After upgrading, confirm the fix by attempting to process a known malicious image file and verifying that the code injection is prevented.
Update ImageMagick to version 7.1.2-15 or later, or to version 6.9.13-40 or later. This fixes the code injection vulnerability in the PostScript coder and the HTML injection vulnerability. The update can be applied through the system package manager or by downloading the latest release from the official website.
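The `find` command above only locates the binary; as an added example (not from this advisory or the ImageMagick project), the following Python checker parses the banner printed by `magick -version` (ImageMagick 7) or `convert -version` (ImageMagick 6) and flags builds below the fixed releases named here. The thresholds 7.1.2-15 and 6.9.13-40 come from the advisory; treating every build below them on the same major branch as affected is an assumption, and the sample banner is constructed.

```python
import re
import shutil
import subprocess
from typing import Optional, Tuple

# Fixed releases named in the advisory. Assumption: any build below the fixed
# release on the same major branch is treated as affected.
FIXED = {7: (7, 1, 2, 15), 6: (6, 9, 13, 40)}

# Matches "ImageMagick 7.1.1-29", "ImageMagick 6.9.12-98" or "ImageMagick 7.1.2".
VERSION_RE = re.compile(r"ImageMagick\s+(\d+)\.(\d+)\.(\d+)(?:-(\d+))?")

# Constructed sample of a `magick -version` banner, used when no binary is on PATH.
SAMPLE_BANNER = (
    "Version: ImageMagick 7.1.1-29 Q16-HDRI x86_64 21928 https://imagemagick.org\n"
    "Copyright: (C) 1999 ImageMagick Studio LLC\n"
)

def parse_version(banner: str) -> Optional[Tuple[int, int, int, int]]:
    """Return (major, minor, micro, patchlevel) from a version banner, or None."""
    m = VERSION_RE.search(banner)
    if not m:
        return None
    major, minor, micro, patch = m.groups()
    return (int(major), int(minor), int(micro), int(patch or 0))

def is_affected(banner: str) -> Optional[bool]:
    """True if the version predates the fixed release on its branch; None if unknown."""
    version = parse_version(banner)
    if version is None or version[0] not in FIXED:
        return None
    return version < FIXED[version[0]]

def installed_banner() -> Optional[str]:
    """Run the first ImageMagick CLI found on PATH (IM7 `magick`, IM6 `convert`)."""
    for tool in ("magick", "convert"):
        path = shutil.which(tool)
        if path:
            result = subprocess.run([path, "-version"], capture_output=True,
                                    text=True, check=False)
            return result.stdout
    return None

if __name__ == "__main__":
    banner = installed_banner() or SAMPLE_BANNER
    print(banner.splitlines()[0])
    print("affected:", is_affected(banner))
```

A `None` result means the tool on PATH is not ImageMagick (or is an unrecognised branch) and needs a manual look rather than a pass.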
CVE-2026-25797 is a medium-severity vulnerability in ImageMagick versions 7.0.0 through 7.1.1 that allows attackers to inject malicious PostScript code, potentially leading to remote code execution.
If you are using ImageMagick versions 7.0.0 through 7.1.1, you are potentially affected by this vulnerability. Check your version and upgrade accordingly.
Upgrade ImageMagick to version 7.1.2-15 or later to resolve this vulnerability. If immediate upgrade is not possible, implement temporary workarounds like file type validation and WAF rules.
While no public exploits are widely available, the vulnerability's potential for remote code execution suggests a moderate risk of exploitation. Monitor security advisories for updates.
Refer to the official ImageMagick security advisory for detailed information and updates: [https://imagemagick.org/script/security.php](https://imagemagick.org/script/security.php)