top of page
perceptive_background_267k.jpg

CWE-20 vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11.

Published:

23 March 2026 at 23:00:00

Alert date:

24 March 2026 at 09:16:39

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT, Supply Chain & Dependencies

A CWE-20 (Improper Input Validation) vulnerability has been identified in MolotovCherry's Android-ImageMagick7 library. This security flaw affects all versions of Android-ImageMagick7 prior to version 7.1.2-11. The vulnerability is classified as improper input validation, which could potentially allow attackers to exploit the image processing functionality. Users are advised to upgrade to version 7.1.2-11 or later to mitigate this security risk. A fix appears to be available through a GitHub pull request addressing the issue.

Technical details

Mitigation steps:

Affected products:

Android-ImageMagick7

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-4755
https://github.com/MolotovCherry/Android-ImageMagick7/pull/193

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page