This page collects WhisperX intelligence signals tagged #imagemagick. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical security scan has flagged a high-severity vulnerability, CVE-2026-32636, that remains unresolved in container images built on Alpine Linux 3.23. The flaw, detected by automated Trivy scans, is actively present in specific PHP 8.5 images, indicating a persistent supply chain risk for developers and deployment...
A critical security vulnerability, CVE-2026-30937, remains unresolved in specific PHP container images, posing a persistent medium-severity risk. An automated Trivy scan confirmed the flaw is still present even after a rebuild, indicating a deeper dependency issue within the Alpine Linux 3.23.3 base layer. The vulnerab...
A critical security vulnerability, CVE-2026-31853, remains unresolved in specific PHP container images, posing a persistent medium-severity risk. Automated scans confirm the flaw is still present even after rebuild attempts, indicating a systemic patching failure within the affected software supply chain. This unresolv...
A critical security vulnerability, CVE-2026-30936, remains unpatched in specific PHP container images, posing a persistent medium-severity risk. Automated scans confirm the flaw is still present even after rebuild attempts, indicating a systemic issue with the underlying Alpine Linux base image. This unresolved exposur...
An automated Trivy security scan has flagged a persistent, unresolved vulnerability in critical container images. The medium-severity flaw, CVE-2026-30935, remains active in PHP 8.5 images built on the Alpine Linux 3.23.3 base, specifically affecting both the `cli` and `fpm` variants. Despite a rebuild attempt, the vul...
A critical security vulnerability, CVE-2026-30929, remains unpatched in widely used PHP container images, exposing deployments to a high-severity risk. An automated Trivy scan has confirmed the flaw persists even after rebuild attempts, indicating a systemic issue within the upstream Alpine Linux 3.23 branch. The vulne...
A critical security vulnerability, CVE-2026-30883, remains unpatched in widely used PHP container images, posing a persistent high-severity risk. An automated Trivy scan has confirmed the flaw is still present even after rebuild attempts, indicating a systemic supply chain issue. The vulnerability is rooted in outdated...
A critical security vulnerability, CVE-2026-28691, remains unresolved in specific PHP container images, posing a persistent high-severity risk. Automated scans by Trivy have confirmed the flaw is still present even after rebuild attempts, indicating a systemic issue with the underlying base image. The vulnerability is ...
An automated security scan has flagged a persistent medium-severity vulnerability, CVE-2026-28692, within critical PHP container images. The flaw, linked to outdated ImageMagick libraries, remains unresolved even after attempted rebuilds, indicating a systemic patching failure in the software supply chain. This leaves ...
A critical security vulnerability, CVE-2026-28690, remains unresolved in specific PHP container images, posing a persistent medium-severity risk. Automated scans confirm the flaw is still present even after rebuild attempts, indicating a systemic patching failure within the Alpine Linux 3.23 ecosystem. This unresolved ...
A critical security vulnerability, CVE-2026-28689, remains unresolved in specific PHP container images, posing a persistent medium-severity risk. Automated scans confirm the flaw is still present even after rebuild attempts, indicating a systemic patching failure within the affected software supply chain. This unresolv...
An automated Trivy security scan has flagged an unresolved medium-severity vulnerability, CVE-2026-28686, within container images built on Alpine Linux 3.23. The vulnerability persists even after a rebuild, indicating a systemic supply chain issue affecting downstream PHP deployments. The flaw is tied to outdated Image...
A critical security vulnerability in the widely used Magick.NET-Q16-AnyCPU library exposes systems to a path traversal attack, allowing attackers to bypass security policies and read restricted content. The flaw, which carries a high CVSS severity score of 8.6, is present in version 14.10.2 and has been patched in the ...
A critical security vulnerability in the Magick.NET-Q16-AnyCPU library, with a CVSS score of 8.6, allows attackers to bypass security policies and read restricted content via a path traversal flaw. The vulnerability is present in version 14.10.2 and is fixed in version 14.11.1. This is not a theoretical risk; it is a d...
A critical security vulnerability in the Magick.NET-Q16-AnyCPU library, rated CVSS 8.6, allows attackers to bypass security policies and read restricted content via a path traversal flaw. The vulnerability stems from ImageMagick, the underlying engine, where a misconfiguration in secured policy files can be circumvente...
A critical security vulnerability in the widely used Magick.NET-Q16-AnyCPU library has triggered automated remediation efforts. The flaw, a path traversal weakness in the underlying ImageMagick engine, carries a high-severity CVSS score of 8.6. It allows attackers to bypass configured security policies, potentially rea...
A critical security vulnerability in the ImageMagick library, with a CVSS score of 8.6, allows attackers to bypass security policies and read restricted content via a path traversal flaw. The vulnerability directly impacts the widely used .NET wrapper, Magick.NET-Q16-AnyCPU, requiring an immediate update from version 1...
A newly disclosed vulnerability in the widely used ImageMagick software, tracked as CVE-2026-40311, exposes systems to potential crashes due to a heap use-after-free flaw. The vulnerability, with a CVSS score of 5.5 (Medium severity), resides in the software's handling of XMP profiles. Specifically, reading and printin...
An automated security scan has flagged a persistent, unresolved vulnerability in critical PHP container images. The medium-severity flaw, CVE-2026-40312, remains active in images based on Alpine Linux 3.23.3 even after a rebuild, indicating a systemic patching failure that leaves deployments exposed. The vulnerability...
An automated security scan has identified that CVE-2026-34238, a medium-severity vulnerability in ImageMagick components, remains unaddressed in official PHP 8.4 container images built on Alpine Linux 3.23.3. The critical anomaly: automated hotfix matching returned zero results, and the vulnerability persists even afte...