What is GHSA-7wff-wpr6-vmhm?

GHSA-7wff-wpr6-vmhm is a security advisory published by GitHub Security Advisories with Medium severity. ImageMagick: Heap Buffer Over-Read in IPTC encoder

Which CVE IDs does GHSA-7wff-wpr6-vmhm cover?

GHSA-7wff-wpr6-vmhm covers the following CVE IDs: CVE-2026-42326. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-7wff-wpr6-vmhm?

GHSA-7wff-wpr6-vmhm has a CVSS v3 base score of 5.1, published by GitHub Security Advisories.

Which products are affected by GHSA-7wff-wpr6-vmhm?

GHSA-7wff-wpr6-vmhm affects 18 products, including: nuget/Magick.NET-Q16-AnyCPU:\u003c 14.13.1; nuget/Magick.NET-Q16-HDRI-AnyCPU:\u003c 14.13.1; nuget/Magick.NET-Q16-HDRI-OpenMP-arm64:\u003c 14.13.1; nuget/Magick.NET-Q16-HDRI-OpenMP-x64:\u003c 14.13.1; nuget/Magick.NET-Q16-HDRI-arm64:\u003c 14.13.1; and others — see the full list on the advisory page.

GHSA-7wff-wpr6-vmhmMediumCVSS 5.1

ImageMagick: Heap Buffer Over-Read in IPTC encoder

Vendor

GitHub Security Advisories

Published

May 18, 2026

Last Modified

May 18, 2026

🔗 CVE IDs covered (1)

CVE-2026-42326 →

📋 Description

When writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte.

🎯 Affected products18

nuget/Magick.NET-Q16-AnyCPU:< 14.13.1
nuget/Magick.NET-Q16-HDRI-AnyCPU:< 14.13.1
nuget/Magick.NET-Q16-HDRI-OpenMP-arm64:< 14.13.1
nuget/Magick.NET-Q16-HDRI-OpenMP-x64:< 14.13.1
nuget/Magick.NET-Q16-HDRI-arm64:< 14.13.1
nuget/Magick.NET-Q16-HDRI-x64:< 14.13.1
nuget/Magick.NET-Q16-HDRI-x86:< 14.13.1
nuget/Magick.NET-Q16-OpenMP-arm64:< 14.13.1
nuget/Magick.NET-Q16-OpenMP-x64:< 14.13.1
nuget/Magick.NET-Q16-arm64:< 14.13.1
nuget/Magick.NET-Q16-x64:< 14.13.1
nuget/Magick.NET-Q16-x86:< 14.13.1
nuget/Magick.NET-Q8-AnyCPU:< 14.13.1
nuget/Magick.NET-Q8-OpenMP-arm64:< 14.13.1
nuget/Magick.NET-Q8-OpenMP-x64:< 14.13.1
nuget/Magick.NET-Q8-arm64:< 14.13.1
nuget/Magick.NET-Q8-x64:< 14.13.1
nuget/Magick.NET-Q8-x86:< 14.13.1

🔗 CVE IDs covered (1)

📋 Description

🎯 Affected products18

🔗 References (2)