All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-56369
MEDIUMpublished 2026-06-30 23:17 UTC · 4 days ago · modified 2026-07-02 18:31 UTC
6.3
CVSS / 10
// description
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images.
// weaknesses (CWE)
- CWE-323