CVE-2026-46693
Public on 2026-05-22
Modified on 2026-05-22
Description
An attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is met. (as per: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-4g75-9r48-jf92)
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 2 - Core | ImageMagick | Pending Fix | ||
| Amazon Linux 2023 | ImageMagick | Pending Fix |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 4.1 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N |