CVE-2026-33853 - Vulnerability Details - OpenCVE

NULL Pointer Dereference vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-10.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Molotovcherry	Android-imagemagick7

No data.

No data.

References

Link	Providers
https://github.com/MolotovCherry/Android-ImageMagick7/pull/183

History

Tue, 24 Mar 2026 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 24 Mar 2026 10:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Molotovcherry Molotovcherry android-imagemagick7
Vendors & Products		Molotovcherry Molotovcherry android-imagemagick7

Tue, 24 Mar 2026 06:15:00 +0000

Type	Values Removed	Values Added
Description		NULL Pointer Dereference vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-10.
Title		NULL Pointer Dereference in MolotovCherry Android-ImageMagick7
Weaknesses		CWE-476
References		https://github.com/MolotovCherry/Android-ImageMagick7/pull/183
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: GovTech CSG

Published: 2026-03-24T05:56:33.223Z

Updated: 2026-03-24T14:15:25.078Z

Reserved: 2026-03-24T05:55:55.342Z

Link: CVE-2026-33853

Vulnrichment

Updated: 2026-03-24T14:15:21.445Z

NVD

Status : Received

Published: 2026-03-24T06:16:22.517

Modified: 2026-03-24T06:16:22.517

Link: CVE-2026-33853

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33853", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "state": "PUBLISHED", "assignerShortName": "GovTech CSG", "dateReserved": "2026-03-24T05:55:55.342Z", "datePublished": "2026-03-24T05:56:33.223Z", "dateUpdated": "2026-03-24T14:15:25.078Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-03-24T05:56:33.223Z"}, "title": "NULL Pointer Dereference in MolotovCherry Android-ImageMagick7", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "type": "CWE"}]}], "affected": [{"vendor": "MolotovCherry", "product": "Android-ImageMagick7", "collectionURL": "https://github.com/MolotovCherry/Android-ImageMagick7", "versions": [{"status": "affected", "version": "0", "lessThan": "7.1.2-10", "versionType": "git"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "NULL Pointer Dereference vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-10.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "NULL Pointer Dereference vulnerability in MolotovCherry Android-ImageMagick7.<p>This issue affects Android-ImageMagick7: before 7.1.2-10.</p>"}]}], "references": [{"url": "https://github.com/MolotovCherry/Android-ImageMagick7/pull/183", "tags": ["patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}}], "credits": [{"lang": "en", "value": "TITAN Team (titancaproject@gmail.com)", "type": "reporter"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-24T14:15:18.263309Z", "id": "CVE-2026-33853", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T14:15:25.078Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33853", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-24T14:15:18.263309Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T14:15:21.445Z"}}], "cna": {"title": "NULL Pointer Dereference in MolotovCherry Android-ImageMagick7", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "TITAN Team (titancaproject@gmail.com)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "MolotovCherry", "product": "Android-ImageMagick7", "versions": [{"status": "affected", "version": "0", "lessThan": "7.1.2-10", "versionType": "git"}], "collectionURL": "https://github.com/MolotovCherry/Android-ImageMagick7", "defaultStatus": "affected"}], "references": [{"url": "https://github.com/MolotovCherry/Android-ImageMagick7/pull/183", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "NULL Pointer Dereference vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-10.", "supportingMedia": [{"type": "text/html", "value": "NULL Pointer Dereference vulnerability in MolotovCherry Android-ImageMagick7.<p>This issue affects Android-ImageMagick7: before 7.1.2-10.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2026-03-24T05:56:33.223Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33853", "state": "PUBLISHED", "dateUpdated": "2026-03-24T14:15:25.078Z", "dateReserved": "2026-03-24T05:55:55.342Z", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "datePublished": "2026-03-24T05:56:33.223Z", "assignerShortName": "GovTech CSG"}, "dataVersion": "5.2"}