CVE-2026-33852

← CVEs

HIGH 7.5

Published

2026-03-24

Last Modified

2026-03-26

Affected Apps

Affected Devices

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11.

Affected Applications in Environment 12

ImageMagick v7.1.1-32

1 device

ImageMagick v6.9.10.68-6.el7_9

1 device

ImageMagick v0:6.9.13.25-1.el8

1 device

ImageMagick v7.0.5

1 device

imagemagick v8:6.9.12.98+dfsg1-5.2build2

22 devices

imagemagick v8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5

13 devices

imagemagick v8:6.9.11.60+dfsg-1.6+deb12u4

1 device

imagemagick v8:6.8.9.9-7ubuntu5.16+esm19

1 device

imagemagick v8:6.9.10.23+dfsg-2.1ubuntu11.11

4 devices

imagemagick v8:6.9.11.60+dfsg-1.3+deb11u10

1 device

imagemagick v8:6.9.11.60+dfsg-1.3+deb11u9

1 device

imagemagick v8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm6

1 device

Affected Devices 48

ATWOOD-PD-BSMTH Windows MILLPRODWEB Windows blakeutil Linux cceredcapweb Linux dpapsb-191594.mypc.usu.edu Linux fw Linux guru.cluster Linux hotcheeto Linux itfinance Linux kcm.usu.edu Linux librenms Linux omekanew Linux owenclarke-OptiPlex-7090 Linux redcapweb Linux starfleetpad Linux storm Linux tsutil.it.usu.edu Linux web-lb01-redirect.usu.edu Linux web-lb02-redirect.usu.edu Linux web-lb03-redirect.usu.edu Linux web02.usu.edu Linux web03.usu.edu Linux web08.usu.edu Linux web09.usu.edu Linux web10 Linux web10-awhc Linux web10-awhc Linux web11.usu.edu Linux web12.usu.edu Linux web13.usu.edu Linux web14.usu.edu Linux web15.usu.edu Linux web16.usu.edu Linux web17 Linux web18 Linux web19.usu.edu Linux web20 Linux web25 Linux web27.usu.edu Linux web29.usu.edu Linux web30.usu.edu Linux web31.usu.edu Linux web32.usu.edu Linux web33.usu.edu Linux web34.usu.edu Linux web35.usu.edu Linux web36.usu.edu Linux web37.usu.edu Linux

References 1

https://github.com/MolotovCherry/Android-ImageMagick7/pull/191