Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-56377

ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 5.9%
CVSS Severity
CVSS v3 Score 3.3
Products affected by CVE-2026-56377


Contact Us

Shodan ® - All rights reserved