Rootio-Imagemagick: Remote Code Execution via Malicious Image Files

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Rootio-Imagemagick: Remote Code Execution via Malicious Image Files

ROOT-OS-DEBIAN-12-CVE-2026-33908

Summary

An attacker can upload a malicious image file to your website or server, which could allow them to execute unauthorized code on your system. This issue affects the Rootio-Imagemagick package on certain Debian systems, and a fix is available. Update your package to the latest version to prevent any potential issues.

What to do

Update rootio-imagemagick to version 8:6.9.11.60+dfsg-1.6+deb12u8.root.io.44.
Update rootio-imagemagick to version 8:6.9.11.60+dfsg-1.6+deb12u8.root.io.45.

Affected software

Ecosystem	Vendor	Product	Affected versions
Root:Debian:12	–	rootio-imagemagick	< 8:6.9.11.60+dfsg-1.6+deb12u8.root.io.44 < 8:6.9.11.60+dfsg-1.6+deb12u8.root.io.45 Fix: upgrade to 8:6.9.11.60+dfsg-1.6+deb12u8.root.io.44

Original title

CVE-2026-33908 in rootio-imagemagick - Patched by Root

Original description

Root has patched CVE-2026-33908 in the rootio-imagemagick package for Root:Debian:12. Multiple fixed versions available.

Published: 17 Apr 2026 · Updated: 17 Apr 2026 · First seen: 16 Apr 2026