PROBABLYPWNED
Vulnerabilities | April 6, 2026 | 4 min read

ImageMagick Zero-Days Enable RCE on Linux, WordPress via Image Upload

AI-discovered vulnerabilities bypass all security policies including 'secure' mode. Most servers won't receive fixes until 2027 without manual intervention.

Marcus Chen

Security researchers at Octagon Networks have disclosed multiple zero-day vulnerabilities in ImageMagick that allow remote code execution through simple image uploads. The flaws bypass ImageMagick's default security policies, the recommended production "limited" policy, and even the most restrictive "secure" policy when GhostScript is compiled as a linked library.

A fix exists in some package versions since November 2025, but it was never labeled as a security update. Most standard Linux distributions and WordPress deployments will remain vulnerable until package maintainers push updates—potentially 2027 for some systems.

Magic Byte Exploitation

ImageMagick doesn't rely on file extensions to decide how a file is processed. It inspects the file contents and uses magic-byte detection (the signature at the start of the data) to select the coder that handles it, so a file's name places no limit on which coder runs. This design choice, intended for flexibility, is what creates the vulnerability.

Researchers used Octagon's AI security tool pwn.ai to conduct a systematic audit of ImageMagick's entire processing pipeline. The tool identified that specially crafted files can disguise malicious commands within content that appears to be standard image data. ImageMagick's content inspection triggers processing paths that execute these commands.

According to Hackread's analysis, uploading a crafted .jpg or .pdf file achieves file writes to /tmp/ on default ImageMagick installations. On systems where GhostScript processes PDFs as a linked library rather than a subprocess, even the "secure" policy fails to prevent code execution.
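Because ImageMagick picks its coder from the bytes rather than the name, an upload filter that only checks extensions offers no protection. The following is an added example (not code from the article or from Octagon Networks) of a content check that mirrors ImageMagick's behaviour on the defensive side; the magic-byte patterns, the helper name and the accepted format list are assumptions made for the example, not taken from ImageMagick's magic.xml.

```python
import os

# Content signatures (constructed for this example) for the formats the upload
# handler is willing to accept; anything else is refused.
IMAGE_MAGIC = {
    b"\xff\xd8\xff": "jpeg",
    b"\x89PNG\r\n\x1a\n": "png",
    b"GIF87a": "gif",
    b"GIF89a": "gif",
}
# Content that ImageMagick's magic-byte detection would hand to the PDF/PostScript
# coders (GhostScript) or to text-based scripting coders, whatever the file name.
# These patterns are assumptions for this example, not ImageMagick's own table.
REJECT_MAGIC = {
    b"%PDF-": "pdf",
    b"%!PS": "postscript",
    b"\xc5\xd0\xd3\xc6": "eps (DOS binary header)",
    b"push graphic-context": "mvg",
    b"<": "xml/svg/msl",
}
ALLOWED_EXT = {"jpg": "jpeg", "jpeg": "jpeg", "png": "png", "gif": "gif"}


def check_upload(filename, data):
    """Return (accepted, reason). Accept only when the extension is allowed and
    the leading bytes identify the same format; never trust the name alone."""
    ext = os.path.splitext(filename)[1].lower().lstrip(".")
    if ext not in ALLOWED_EXT:
        return False, "extension not allowed: %r" % ext
    head = data.lstrip(b" \t\r\n")  # text coders tolerate leading whitespace
    for magic, name in REJECT_MAGIC.items():
        if head.startswith(magic):
            return False, "content looks like %s, not an image" % name
    detected = next((fmt for m, fmt in IMAGE_MAGIC.items() if data.startswith(m)), None)
    if detected is None:
        return False, "unrecognised content"
    if detected != ALLOWED_EXT[ext]:
        return False, "content is %s but name says %s" % (detected, ext)
    return True, "ok"


if __name__ == "__main__":
    # Constructed inputs: a real JPEG header, and a PDF header renamed to .jpg
    print(check_upload("photo.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF"))
    print(check_upload("photo.jpg", b"%PDF-1.4\n1 0 obj"))
```

The same check is the concrete form of the "restrict file types" mitigation discussed later in the article: it rejects a crafted .jpg carrying PDF or PostScript content before ImageMagick ever sees it.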

Affected Systems

The default policies shipping with major Linux distributions are vulnerable:

  • Ubuntu 22.04
  • Debian 11 and 12
  • Fedora, RHEL, CentOS
  • Arch Linux, Alpine Linux, OpenSUSE
  • Amazon Linux
  • Google Cloud Shell
  • macOS Homebrew installations
  • Most Docker images containing ImageMagick

WordPress sites face particular risk because image upload is core functionality. Any plugin that processes uploaded images through ImageMagick—and there are many—potentially exposes the vulnerability. The Gravity Forms plugin was specifically mentioned in researcher disclosures.

This attack surface mirrors the NoVoice Android rootkit distribution method where legitimate functionality was subverted to deliver malicious payloads. Image processing libraries handle untrusted input by design, making them attractive targets.

The Patching Problem

A fix landed in ImageMagick's codebase in November 2025. The problem: it wasn't flagged as a security update. No CVE was assigned. No advisory was published. The fix simply merged as part of routine maintenance.

Distribution package maintainers didn't know to prioritize the update. Most Linux distributions still ship vulnerable ImageMagick versions in their stable repositories. Automatic updates won't fix this—administrators need to manually update ImageMagick or wait for distributions to repackage with the fix.

For production WordPress deployments, this means:

  1. Identify whether your image processing uses ImageMagick (check phpinfo() or server configuration)
  2. Check the installed ImageMagick version against patched releases
  3. Update manually if necessary, or implement compensating controls

Temporary Mitigations

Until patched versions are available, organizations can reduce exposure:

Disable PDF processing: Remove or comment out the PDF coder in ImageMagick's policy.xml configuration. This blocks the GhostScript attack path but may break functionality.

Restrict file types: Configure applications to reject file types that ImageMagick might process through vulnerable coders. This requires understanding your specific processing needs.

Sandbox ImageMagick: Run ImageMagick in a restricted container or jail with limited filesystem access. Even if code execution succeeds, the attacker faces a constrained environment.

Use alternatives: Libraries like libvips can handle common image processing tasks without ImageMagick's complex coder architecture.
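In policy.xml a coder is blocked by a <policy domain="coder" rights="none" pattern="..."/> entry rather than by deleting it. The following added example (not from the article or the ImageMagick project) audits a policy file for the PDF path and the other GhostScript-backed and scripting coders; the coder lists, the sample policies and the simplified glob matching are assumptions made for the example.

```python
import fnmatch
import xml.etree.ElementTree as ET

# Coders routed through GhostScript (constructed list; the article names only
# PDF) and the scripting coders commonly denied after ImageTragick (CVE-2016-3714).
GS_CODERS = ["PDF", "PS", "PS2", "PS3", "EPS", "XPS"]
SCRIPT_CODERS = ["MSL", "MVG", "TEXT", "SHOW", "WIN", "PLT", "URL", "HTTPS", "EPHEMERAL"]


def _expand(pattern):
    """Expand the {A,B} alternation form used in policy patterns (assumed syntax)."""
    if "{" in pattern and "}" in pattern:
        head, rest = pattern.split("{", 1)
        alts, tail = rest.split("}", 1)
        return [head + a + tail for a in alts.split(",")]
    return [pattern]


def denied_coders(policy_xml, coders):
    """Coders matched by a <policy domain="coder" rights="none"> entry.
    Simplified, case-insensitive glob model of ImageMagick's matching (assumption)."""
    denied = set()
    for pol in ET.fromstring(policy_xml).iter("policy"):
        if pol.get("domain") != "coder" or pol.get("rights", "") != "none":
            continue
        for pat in _expand(pol.get("pattern", "")):
            denied.update(c for c in coders if fnmatch.fnmatchcase(c.upper(), pat.upper()))
    return denied


def still_permitted(policy_xml):
    """Return the risky coders a policy leaves enabled, in listing order."""
    wanted = GS_CODERS + SCRIPT_CODERS
    return [c for c in wanted if c not in denied_coders(policy_xml, wanted)]


# Constructed sample: a policy that only sets resource limits leaves every
# GhostScript and scripting coder active.
PERMISSIVE_POLICY = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
</policymap>"""

# Constructed sample: the mitigation the article describes, denying the PDF
# path together with the other GhostScript and scripting coders.
HARDENED_POLICY = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
  <policy domain="coder" rights="none" pattern="{PS,PS2,PS3,EPS,PDF,XPS}"/>
  <policy domain="coder" rights="none" pattern="{MSL,MVG,TEXT,SHOW,WIN,PLT,URL,HTTPS,EPHEMERAL}"/>
</policymap>"""
```

Run still_permitted() on the contents of the live policy file (shown by `convert -list policy` or found under /etc/ImageMagick-*/policy.xml on most distributions); anything it returns for PDF or PS means the GhostScript path is still open.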

Why AI Found These Bugs

The researchers specifically noted that pwn.ai identified ImageMagick as a high-value target and conducted a "multi-day, systematic audit" of the processing pipeline. Automated security analysis at this depth finds vulnerability classes that manual review might miss.

ImageMagick has a long history of security issues. The 2016 "ImageTragick" vulnerabilities (CVE-2016-3714 and related) demonstrated similar policy bypass techniques. The codebase remains complex enough that new bypass paths continue emerging.

For organizations processing untrusted images at scale, this is another reminder that image libraries require ongoing security attention. The convenience of accepting arbitrary uploads creates lasting attack surface.

Follow our hacking news coverage for updates when CVEs are assigned and distribution patches become available.
