This release of Nitrocid v0.1.0.76 includes security bug fixes that are done by Terminaux 8.3.0 and 8.4.0.2. We advise users to upgrade to this version of the project to ensure that attack vectors are reduced.

Fixed CVEs list

The below CVEs have been fixed as of this release.

High severity

• CVE-2026-33908 - GHSA-fwvm-ggf6-2p4x: ImageMagick has a Stack Overflow in DestroyXMLTree()
• CVE-2026-33901 - GHSA-x9h5-r9v2-vcww: ImageMagick has a heap Buffer Overflow in ImageMagick MVG decoder
• CVE-2026-46522 - GHSA-7gg8-qqx7-92g5: ImageMagick: Infinite Loop in the MIFF decoder can lead to CPU exhaustion
• CVE-2026-46520 - GHSA-36wm-hprc-mcf5: ImageMagick: Heap Buffer Over-Write in IPL decoder when reading multiple images of different dimensions

Medium severity

• CVE-2026-33536 - GHSA-v67w-737x-v2c9: ImageMagick has a heap overflow caused by integer overflow/wraparound in viff encoder on 32-bit builds
• CVE-2026-34238 - GHSA-26qp-ffjh-2x4v: ImageMagick has an integer overflow in despeckle operation causing a heap buffer overflow on 32-bit builds
• CVE-2026-33899 - GHSA-cr67-pvmx-2pp2: ImageMagick has a heap-Buffer-Overflow write of a single zero byte when parsing xml
• CVE-2026-33902 - GHSA-f4qm-vj5j-9xpw: ImageMagick has a Stack Overflow via Recursive FX Expression Parsing
• CVE-2026-33905 - GHSA-pcvx-ph33-r5vv: ImageMagick has an out-of-bounds read in sample operation
• CVE-2026-40169 - GHSA-5592-p365-24xh: ImageMagick has a heap buffer overflow (WRITE) in the YAML and JSON encoders
• CVE-2026-40183 - GHSA-jvgr-9ph5-m8v4: ImageMagick has a heap buffer overflow when encoding JXL image with a 16-bit float
• CVE-2026-40310 - GHSA-pwg5-6jfc-crvh: ImageMagick has a heap out-of-bounds write in JP2 encoder
• CVE-2026-40311 - GHSA-r83h-crwp-3vm7: ImageMagick has a heap-use-after-free via XMP profile could result in a crash when printing the values
• CVE-2026-40312 - GHSA-5xg3-585r-9jh5: ImageMagick has an off-by-one error in MSL decoder could result in crash
• GHSA-98cp-rj9f-6v5g: ImageMagick has has a stack-buffer-overflow in MNG encoder with oversized pallete
• CVE-2026-46557 - GHSA-rcr6-g7jc-f57g: ImageMagick: Stack overflow in fx operation
• CVE-2026-46523 - GHSA-5r4x-w6p5-222q: ImageMagick: Use-After-Free in MSL decoder
• CVE-2026-45359 - GHSA-vhrh-72hq-w8m7: ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define
• CVE-2026-46521 - GHSA-jcqp-6r6f-3mfx: ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression
• CVE-2026-45664 - GHSA-g5mf-wqq5-vwg6: ImageMagick: Policy Bypass in MNG coder could
• CVE-2026-45031 - GHSA-cwpj-h54c-xjpx: ImageMagick: Policy Bypass in PSD decoder
• CVE-2026-45358 - GHSA-cr6r-hmj8-pr7r: ImageMagick: Out-of-Bounds Read of a single byte in meta encoder
• CVE-2026-45624 - GHSA-pfvh-m9xv-8966: ImageMagick: Heap Buffer Over-Read of a 4 bytes in distort operation
• CVE-2026-42326 - GHSA-7wff-wpr6-vmhm: ImageMagick: Heap Buffer Over-Read in IPTC encoder
• CVE-2026-46559 - GHSA-533m-3wf6-c33v: ImageMagick: Heap Buffer Over-Write of a single byte in the JP2 encoder

Low severity

• GHSA-q8h3-jv9v-57qx: ImageMagick has has an off-by-one origin validation in allows out-of-bounds read in morphology processing
• GHSA-8vfj-q2cp-5m5j: ImageMagick has a heap buffer overflow read in magnify operation via unrecognized magnify:method value
• GHSA-w54j-7wpm-crhj: ImageMagick has a heap-buffer-overflow in FTXT encoder
• GHSA-x928-4434-crqj: ImageMagick has a memory leak in PNG encoder when writing a MNG image

How to upgrade

To upgrade this project, ensure that you use the appropriate methods to perform this upgrade, such as system-wide package managers (like apt) in case of an installed application or a system-wide library, or project-specific package managers (like NuGet) in case of upgrading this project in your app’s source code.