CVE-2026-33852
Memory Leak in Android-ImageMagick7 Before
Publication date: 2026-03-24
Last updated on: 2026-03-26
Assigner: Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| molotovcherry | android-imagemagick7 | to 7.1.2-11 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-401 | The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
How can this vulnerability impact me? :
The impact of this vulnerability is primarily on availability. Because memory is not released properly, it can cause the affected system or application to run out of memory, potentially leading to crashes or denial of service.
Can you explain this vulnerability to me?
This vulnerability is a Missing Release of Memory after Effective Lifetime issue in MolotovCherry Android-ImageMagick7. It affects versions before 7.1.2-11. Essentially, the software fails to properly release memory after it is no longer needed, which can lead to resource exhaustion.