HIGHCVE-2026-33856Published 2026-03-24Modified 2026-03-24CNA GovTech CSG

CVE-2026-33856: Missing Release of Memory after Effective Lifetime in MolotovCherry Android-ImageMagick7

Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11.

CVSS v3.1: 7.5
Severity: HIGH
Fixed in: 7.1.2-11
Affected Products: 1

Fix available

7.1.2-11

Patch commits

github.com

Affected packages

MolotovCherry / Android-ImageMagick7
< 7.1.2-11 (from 0)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

github.com

Metrics

Fix available