CVE-2026-46693

Published: Giu 11, 2026 Last Modified: Giu 11, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 4,1
Source: [email protected]
Attack Vector: local
Attack Complexity: high
Privileges Required: high
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: none

Description

AI Translation Available

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is met. This issue has been patched in versions 6.9.13-48 and 7.1.2-23.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0001
Percentile
0,0th
Updated

EPSS Score Trend (Last 4 Days)

362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Confidentiality Integrity Access Control
Potential Impacts:
Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Dos: Resource Consumption (Other) Dos: Crash, Exit, Or Restart Dos: Instability Read Files Or Directories Read Application Data Execute Unauthorized Code Or Commands Gain Privileges Or Assume Identity Bypass Protection Mechanism
Applicable Platforms
Languages: C, C++, Java
Technologies: Mobile, ICS/OT
Likelihood of Exploit: Medium
View CWE Details
567

Unsynchronized Access to Shared Data in a Multithreaded Context

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Availability
Potential Impacts:
Read Application Data Modify Application Data Dos: Instability Dos: Crash, Exit, Or Restart
Applicable Platforms
Languages: Java
View CWE Details
Application

Imagemagick by Imagemagick

Product Information
Vendor Imagemagick
Product Imagemagick
Version Range Affected
From 7.0.0-0 (inclusive)
To 7.1.2-23 (exclusive)
cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Imagemagick by Imagemagick

Product Information
Vendor Imagemagick
Product Imagemagick
Version Range Affected
To 6.9.13-48 (exclusive)
cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://github.com/ImageMagick/ImageMagick/security/advisor…
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-4g75-9r48-j…