ImageMagick

Known Exploited ImageMagick Vulnerabilities

The following ImageMagick vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

CVE-2016-3714: ImageMagick Improper Input Validation Vulnerability (added to the CISA KEV catalog September 9, 2024; EPSS exploit probability 93.8%)
ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to execute arbitrary code via shell metacharacters in a crafted image.

CVE-2016-3715: ImageMagick Ephemeral Coder Arbitrary File Deletion Vulnerability (added November 3, 2021; EPSS exploit probability 77.7%)
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

CVE-2016-3718: ImageMagick SSRF Vulnerability (added November 3, 2021; EPSS exploit probability 83.8%)
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

Of the three known exploited vulnerabilities above, two (CVE-2016-3714 and CVE-2016-3718) are in the top 1%, i.e. the 99th percentile, of the EPSS exploit probability rankings. CVE-2016-3715, the EPHEMERAL coder arbitrary file deletion vulnerability, is in the top 5% of currently known exploitable vulnerabilities.

By the Year

In 2026 there have so far been 59 vulnerabilities reported in ImageMagick, with an average CVSS base score of 6.1 out of ten. In 2025, 22 ImageMagick security vulnerabilities were published. That is, 37 more vulnerabilities have already been reported in 2026 than in all of last year, and the average base score in 2026 is 0.46 higher (6.08 versus 5.62).




Year Vulnerabilities Average Score
2026 59 6.08
2025 22 5.62
2024 3 7.80
2023 16 6.11
2022 15 6.54
2021 16 4.70
2020 40 4.54
2019 64 7.06
2018 60 7.24

It may take a day or so for new ImageMagick vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent ImageMagick Security Vulnerabilities

ImageMagick <=7.1.2-17 stack overflow via incorrect return value
CVE-2026-33536 5.1 - Medium - March 26, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms, a pointer is incremented past the end of a stack buffer, which could result in an out-of-bounds write. Versions 7.1.2-18 and 6.9.13-43 patch the issue.

Memory Corruption

ImageMagick X11 OOB Write in display() before 7.1.2-18/6.9.13-43
CVE-2026-33535 4 - Medium - March 26, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 `display` interaction path that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the issue.

Memory Corruption

ImageMagick NewXMLTree OOB Write Crash before 7.1.2-17 & 6.9.13-42
CVE-2026-32636 5.3 - Medium - March 18, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-17 and 6.9.13-42, the NewXMLTree method contains a bug that could result in a crash due to an out-of-bounds write of a single zero byte. Versions 7.1.2-17 and 6.9.13-42 fix the issue.

Memory Corruption

ImageMagick <7.1.2-16,6.9.13-41 Sixel Encoder Stack Buffer Overwrite
CVE-2026-32259 6.7 - Medium - March 12, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, when a memory allocation fails in the sixel encoder it would be possible to write past the end of a buffer on the stack. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Stack Overflow

ImageMagick 7.1.2-16/6.9.13-41 SFW Decoder Overflow on 32-Bit
CVE-2026-31853 5.7 - Medium - March 11, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, an overflow on 32-bit systems can cause a crash in the SFW decoder when processing extremely large images. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Heap-based Buffer Overflow

ImageMagick XWD Encoder Overflow (<7.1.2-16, <6.9.13-41)
CVE-2026-30937 6.8 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a 32-bit unsigned integer overflow in the XWD (X Windows) encoder can cause an undersized heap buffer allocation. When writing an extremely large image, an out-of-bounds heap write can occur. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Heap-based Buffer Overflow

ImageMagick OOB Heap Write in WaveletDenoiseImage <7.1.2-16
CVE-2026-30936 5.5 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Heap-based Buffer Overflow

ImageMagick <7.1.2-16 BilateralBlur Image Heap OOB Read
CVE-2026-30935 4.4 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-16, BilateralBlurImage contains a heap buffer over-read caused by an incorrect conversion. When processing a crafted image with the -bilateral-blur operation, an out-of-bounds read can occur. This vulnerability is fixed in 7.1.2-16.

Out-of-bounds Read

Heap BOV in ImageMagick UHDR Encoder (v<7.1.2-16) - Fixed
CVE-2026-30931 6.8 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-16, truncation of a value in the UHDR encoder can cause a heap-based buffer overflow, allowing an out-of-bounds write. This vulnerability is fixed in 7.1.2-16.

Heap-based Buffer Overflow

ImageMagick Buffer Overflow in MagnifyImage before 7.1.2-16/6.9.13-41
CVE-2026-30929 7.7 - High - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MagnifyImage uses a fixed-size stack buffer. With a crafted image it is possible to overflow this buffer and corrupt the stack. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Stack Overflow

ImageMagick PNG heap overflow via large image profile (pre-7.1.2-16,6.9.13-41)
CVE-2026-30883 5.7 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap overflow when encoding a PNG image. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Buffer Overflow

CVE-2026-28693: ImageMagick DIB coder int overflow before 7.1.2-16/6.9.13-41
CVE-2026-28693 8.1 - High - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in the DIB coder can result in an out-of-bounds read or write. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Out-of-bounds Read

ImageMagick MAT Decoder Heap Over-Read (before 7.1.2-16 / 6.9.13-41)
CVE-2026-28692 4.8 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, the MAT decoder uses 32-bit arithmetic due to incorrect parenthesization, resulting in a heap over-read. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Out-of-bounds Read

ImageMagick JBIG Decoder Uninit Pointer Deref CVE-2026-28691 (before 7.1.2-16,6.9.13-41)
CVE-2026-28691 7.5 - High - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Unchecked Return Value

ImageMagick MNG Encoder Stack Buffer Overflow Before 7.1.2-16 (CVE-2026-28690)
CVE-2026-28690 6.9 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encoder. A missing bounds check could corrupt the stack with attacker-controlled data. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Stack Overflow

ImageMagick Path Auth Bypass (pre 7.1.2-16/6.9.13-41)
CVE-2026-28689 6.3 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, domain="path" authorization is checked before the final file open/use. A symlink swapped between check time and use time (a TOCTOU race) therefore bypasses a policy-denied read or write. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

insecure temporary file

ImageMagick MSL encoder heap-use-after-free before v7.1.2-16,6.9.13-41
CVE-2026-28688 4 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image is destroyed twice. The MSL coder does not support writing MSL so the write capability has been removed. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Dangling pointer

ImageMagick MSL Heap UAF Fixed in 7.1.2-16/6.9.13-41
CVE-2026-28687 5.3 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Dangling pointer

ImageMagick Heap-Buffer-Overflow in PCL Encode, Fixed in 7.1.2-16 & 6.9.13-41
CVE-2026-28686 6.8 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap buffer overflow exists in the PCL encoder due to an undersized output buffer allocation. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Heap-based Buffer Overflow

ImageMagick <7.1.2-16 Buffer Overflow in Morph kernel parse
CVE-2026-28494 7.1 - High - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-size stack buffers via memcpy without bounds checking, resulting in stack corruption. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

Stack Overflow

ImageMagick <7.1.2-16 Integer Overflow in SIXEL Decoder (CVE-2026-28493)
CVE-2026-28493 6.5 - Medium - March 09, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoder. The vulnerability allows an attacker to perform an out-of-bounds access via a specially crafted image. This vulnerability is fixed in 7.1.2-16.

Integer Overflow or Wraparound

ImageMagick 7.1.2-15 & 6.9.13-40: DJVU Handler Heap Buffer Overread
CVE-2026-27799 4 - Medium - February 25, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride (row size) for pixel buffer allocation. The stride calculation overflows a 32-bit signed integer, resulting in out-of-bounds memory reads. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Heap-based Buffer Overflow

ImageMagick: Heap OOB Read in -wavelet-denoise (pre-7.1.2-15/6.9.13-40)
CVE-2026-27798 4 - Medium - February 25, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read occurs when processing an image with small dimensions using the `-wavelet-denoise` operator. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Out-of-bounds Read

ImageMagick MSL Interpreter UAF via Faulty <map> (pre-7.1.2-15/6.9.13-40)
CVE-2026-26983 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing an invalid `<map>` element that causes it to use an image after it has been freed. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

NULL Pointer Dereference

ImageMagick PCD Huffman OOB Read Fixed in 7.1.2-15/6.9.13-40
CVE-2026-26284 6.5 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when processing Huffman-coded data from PCD (Photo CD) files. The decoder contains a function with an incorrect initialization that could cause an out-of-bounds read. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Heap-based Buffer Overflow

ImageMagick JPEG Encoder: CVE-2026-26283, Infinite Loop DoS <7.1.2-15/6.9.13-40
CVE-2026-26283 6.2 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a `continue` statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger a 100% CPU consumption and process hang (Denial of Service) with a crafted image. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Infinite Loop

ImageMagick IPTCTEXT infinite loop pre-7.1.2-15/6.9.13-40
CVE-2026-26066 6.2 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile containing invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT`. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Resource Exhaustion

ImageMagick 6.9.13-40/7.1.2-15: SVG DoS via off-by-one boundary
CVE-2026-25989 7.5 - High - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one boundary check (`>` instead of `>=`) allows the guard to be bypassed and an undefined `(size_t)` cast to be reached. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Integer Overflow or Wraparound

ImageMagick msl.c stack leak before 7.1.2-15/6.9.13-40
CVE-2026-25988 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Memory Leak

ImageMagick MAP Decoder Heap Buffer Over-read (CVE-2026-25987) before 7.1.2-15
CVE-2026-25987 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory disclosure during image decoding. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Out-of-bounds Read

ImageMagick 7.1.2-14 heap overflow in ReadYUVImage() YUV 4:2:2
CVE-2026-25986 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer overflow write vulnerability exists in ReadYUVImage() (coders/yuv.c) when processing malicious YUV 4:2:2 (NoInterlace) images. The pixel-pair loop writes one pixel beyond the allocated row buffer. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Memory Corruption

ImageMagick SVG OOM via ~674GB allocation pre-7.1.2-15/6.9.13-40
CVE-2026-25985 7.5 - High - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing a malicious element causes ImageMagick to attempt to allocate ~674 GB of memory, leading to an out-of-memory abort. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Allocation of Resources Without Limits or Throttling

ImageMagick <7.1.2-15 heap UAF via crafted MSL script
CVE-2026-25983 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it, leading to a UAF in ReadBlobString during further parsing. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Dangling pointer

CVE-2026-25982 ImageMagick DCM OOB Read in coders/dcm.c before 7.1.2-15/6.9.13-40
CVE-2026-25982 6.5 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap out-of-bounds read vulnerability exists in the `coders/dcm.c` module. When processing DICOM files with a specific configuration, the decoder loop incorrectly reads bytes per iteration. This causes the function to read past the end of the allocated buffer, potentially leading to a Denial of Service (crash) or Information Disclosure (leaking heap memory into the image). Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Out-of-bounds Read

ImageMagick 7.1.2-15/6.9.13-40 stack overflow via circular MSL refs
CVE-2026-25971 6.2 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick fails to check for circular references between two MSL files, leading to a stack overflow. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Stack Exhaustion

ImageMagick 7.1.2-15 & 6.9.13-40: Signed Int Overflow in SIXEL Decoder
CVE-2026-25970 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a maliciously crafted SIXEL image file. The vulnerability occurs during buffer reallocation operations where pointer arithmetic using signed 32-bit integers overflows. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Integer Overflow or Wraparound

ImageMagick Memory Leak in ashlar.c before 7.1.2-15
CVE-2026-25969 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak exists in `coders/ashlar.c`. `WriteASHLARImage` allocates a structure, but when an exception is thrown the allocated memory is not released, resulting in a memory leak. Version 7.1.2-15 contains a patch.

Memory Leak

ImageMagick stack buffer overflow (msl.c) before 7.1.2-15/6.9.13-40
CVE-2026-25968 7.4 - High - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Stack Overflow

ImageMagick FTXT Stack Buffer Overflow before 7.1.2-15 (CVE-2026-25967)
CVE-2026-25967 7.4 - High - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-based buffer overflow exists in the ImageMagick FTXT image reader. A crafted FTXT file can cause out-of-bounds writes on the stack, leading to a crash. Version 7.1.2-15 contains a patch.

Stack Overflow

ImageMagick Secure Policy fd: Bypass before 7.1.2-15/6.9.13-40
CVE-2026-25966 5.9 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading from and writing to the standard streams. However, ImageMagick also supports fd:<n> pseudo-filenames (e.g., fd:0, fd:1). Prior to versions 7.1.2-15 and 6.9.13-40, this path form is not blocked by the secure policy templates, and therefore bypasses the protection goal of "no stdin/stdout." Versions 7.1.2-15 and 6.9.13-40 contain a patch that adds the rule to the more secure policies by default. As a workaround, add the rule to one's security policy manually.

Authorization
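The three CISA KEV entries at the top of this page (shell metacharacters, file deletion and SSRF through the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, PLT, HTTP and FTP coders), the fd:<n> gap in this entry, and the unbounded allocation in CVE-2026-25985 below are all things a deployed policy.xml can close independently of the code fix. The following policy linter is an added example and is not code from this page or from the ImageMagick project: it parses a policy.xml and reports which of those rules are missing. The coder names and resource names are ImageMagick's documented policy vocabulary; the `fd:*` path pattern is this example's assumption about how the fd:<n> rule is expressed, so check it against the project's shipped policy-secure.xml before relying on it.

```python
"""Lint an ImageMagick policy.xml for the hardening rules discussed on this page (added example)."""
import xml.etree.ElementTree as ET

# Coders behind the CISA KEV entries (CVE-2016-3714/-3715/-3718); URL is the generic remote-fetch coder.
RISKY_CODERS = {"EPHEMERAL", "HTTPS", "HTTP", "FTP", "URL", "MVG", "MSL", "TEXT", "SHOW", "WIN", "PLT"}
# Path pseudo-filenames. "-" and "@*" appear in ImageMagick's shipped secure policy;
# "fd:*" is this example's ASSUMED pattern for the fd:<n> gap (CVE-2026-25966).
RISKY_PATHS = {"-", "@*", "fd:*"}
# Resource limits that bound allocations such as the ~674 GB SVG case (CVE-2026-25985).
REQUIRED_LIMITS = {"memory", "map", "width", "height", "area", "disk"}


def _expand(pattern):
    """Split ImageMagick's brace form '{A,B,C}' into its members; other patterns pass through."""
    pattern = pattern.strip()
    if pattern.startswith("{") and pattern.endswith("}"):
        return {p.strip() for p in pattern[1:-1].split(",")}
    return {pattern}


def lint_policy(policy_xml):
    """Return a sorted list of findings; an empty list means every expected rule is present."""
    root = ET.fromstring(policy_xml)
    denied_coders, denied_paths, limits = set(), set(), set()
    for rule in root.iter("policy"):
        domain, rights = rule.get("domain"), rule.get("rights")
        pattern, name = rule.get("pattern"), rule.get("name")
        if domain == "coder" and rights == "none" and pattern:
            denied_coders |= {p.upper() for p in _expand(pattern)}
        elif domain == "path" and rights == "none" and pattern:
            denied_paths |= _expand(pattern)
        elif domain == "resource" and name and rule.get("value"):
            limits.add(name)
    findings = [f"coder {c} not denied" for c in RISKY_CODERS - denied_coders]
    findings += [f"path pattern {p!r} not denied" for p in RISKY_PATHS - denied_paths]
    findings += [f"resource limit {n} not set" for n in REQUIRED_LIMITS - limits]
    return sorted(findings)


# Constructed sample policies (not ImageMagick's shipped files). The weak one is the
# classic post-ImageTragick policy: KEV coders denied, stdin/@file denied, one memory cap.
WEAK_POLICY = """<policymap>
  <policy domain="coder" rights="none" pattern="{EPHEMERAL,HTTPS,MVG,MSL,TEXT,SHOW,WIN,PLT}"/>
  <policy domain="path" rights="none" pattern="@*"/>
  <policy domain="path" rights="none" pattern="-"/>
  <policy domain="resource" name="memory" value="256MiB"/>
</policymap>"""

HARDENED_POLICY = """<policymap>
  <policy domain="coder" rights="none" pattern="{EPHEMERAL,HTTP,HTTPS,FTP,URL,MVG,MSL,TEXT,SHOW,WIN,PLT}"/>
  <policy domain="path" rights="none" pattern="@*"/>
  <policy domain="path" rights="none" pattern="-"/>
  <policy domain="path" rights="none" pattern="fd:*"/>
  <policy domain="resource" name="memory" value="256MiB"/>
  <policy domain="resource" name="map" value="512MiB"/>
  <policy domain="resource" name="width" value="16KP"/>
  <policy domain="resource" name="height" value="16KP"/>
  <policy domain="resource" name="area" value="128MP"/>
  <policy domain="resource" name="disk" value="1GiB"/>
</policymap>"""

if __name__ == "__main__":
    for label, policy in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(label, lint_policy(policy) or "OK")
```

Point it at the file `magick -list policy` reports as active (usually /etc/ImageMagick-7/policy.xml) rather than at a copy in source control; the active file is the one the bypass entries on this page are judged against.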

ImageMagick LFI via Path Traversal before 7.1.2-15/6.9.13-40
CVE-2026-25965 8.6 - High - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick's path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/* can be bypassed by path traversal: the OS resolves the traversal and opens the sensitive file, but the policy matcher only sees the unnormalized path and therefore allows the read. This enables local file disclosure (LFI) even when policy-secure.xml is applied. Versions 7.1.2-15 and 6.9.13-40 prevent the read; to make sure writing is also not possible, the advisory recommends adding a further rule to one's policy (the rule itself is not reproduced on this page). That rule is also included in ImageMagick's more secure policies by default.

Directory traversal
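This entry and the symlink-swap TOCTOU in CVE-2026-28689 above share one root cause: the path policy is evaluated against a string, not against the file that is eventually opened. The following Python is an added illustration, not ImageMagick code. It uses Python's fnmatch as a stand-in for ImageMagick's glob matcher and a constructed temporary directory in place of /etc, and it shows three things side by side: the raw-string match letting a `..` path through, the resolved-path match denying it, and an open that compares the opened descriptor's inode against the file that was checked so that a symlink swapped in the race window fails closed. The `between_check_and_open` hook exists only so the race can be reproduced deterministically.

```python
"""Path-policy checks: raw string (bypassable), resolved path, and check-then-verify open (added example)."""
import fnmatch
import os
import shutil
import tempfile


def policy_denies_raw(deny_pattern, filename):
    """Vulnerable shape (CVE-2026-25965): glob the raw filename string.
    'public/../secret/passwd' never matches 'secret/*', yet the OS opens secret/passwd."""
    return fnmatch.fnmatch(filename, deny_pattern)


def policy_denies_resolved(deny_pattern, filename):
    """Hardened: match after symlinks and '..' are collapsed, the way the kernel will see the path."""
    return fnmatch.fnmatch(os.path.realpath(filename), deny_pattern)


def open_if_allowed(deny_pattern, filename, between_check_and_open=None):
    """Check the resolved path, open, then confirm the descriptor refers to the inode that was
    checked. A symlink swapped between check and open (CVE-2026-28689 shape) is detected and
    the open fails closed. `between_check_and_open` is a test hook standing in for the attacker."""
    resolved = os.path.realpath(filename)
    if fnmatch.fnmatch(resolved, deny_pattern):
        raise PermissionError(f"policy denies {resolved}")
    checked = os.stat(resolved)
    if between_check_and_open:
        between_check_and_open()          # the race window
    fd = os.open(filename, os.O_RDONLY)
    try:
        opened = os.fstat(fd)
        if (opened.st_dev, opened.st_ino) != (checked.st_dev, checked.st_ino):
            raise PermissionError("file changed between check and open (symlink swap)")
    except BaseException:
        os.close(fd)
        raise
    return os.fdopen(fd, "rb")


def demo():
    """Constructed sandbox: 'secret/' is policy-denied, 'public/' is allowed."""
    root = os.path.realpath(tempfile.mkdtemp())
    secret_dir, public_dir = os.path.join(root, "secret"), os.path.join(root, "public")
    os.mkdir(secret_dir)
    os.mkdir(public_dir)
    secret = os.path.join(secret_dir, "passwd")
    harmless = os.path.join(public_dir, "logo.txt")
    with open(secret, "w") as f:
        f.write("root:x:0:0::/root:/bin/sh\n")   # constructed sample content
    with open(harmless, "w") as f:
        f.write("P1\n1 1\n0\n")
    deny = os.path.join(secret_dir, "*")
    traversal = os.path.join(public_dir, "..", "secret", "passwd")
    results = {
        "raw_match_bypassed": not policy_denies_raw(deny, traversal),
        "resolved_match_denied": policy_denies_resolved(deny, traversal),
    }
    # TOCTOU: the link points at an allowed file when checked and at the secret when opened.
    link = os.path.join(public_dir, "input.txt")
    os.symlink(harmless, link)

    def swap():
        os.unlink(link)
        os.symlink(secret, link)

    try:
        with open_if_allowed(deny, link, between_check_and_open=swap):
            results["swap_detected"] = False
    except PermissionError as err:
        results["swap_detected"] = "swap" in str(err)
    shutil.rmtree(root)
    return results


if __name__ == "__main__":
    print(demo())
```

The inode comparison detects a swap rather than preventing one; a fully race-free check has to ask the kernel what the descriptor actually refers to (for example the target of /proc/self/fd/N on Linux) and apply the policy to that, never to a path string supplied by the caller.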

ImageMagick UIL/XPM Index Overflow Crash before 7.1.2-15/6.9.13-40
CVE-2026-25898 6.5 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index value returned by `GetPixelIndex()` before using it as an array subscript. In HDRI builds, `Quantum` is a floating-point type, so pixel index values can be negative. An attacker can craft an image with negative pixel index values to trigger a global buffer overflow read during conversion, leading to information disclosure or a process crash. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Out-of-bounds Read

ImageMagick Integer Overflow in SUN decoder pre-7.1.2-15/6.9.13-40
CVE-2026-25897 6.5 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, an integer overflow vulnerability exists in the SUN decoder. On 32-bit systems/builds, a carefully crafted image can lead to an out-of-bounds heap write. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Heap-based Buffer Overflow

ImageMagick YUV Sampling Factor DoS pre-7.1.2-15/6.9.13-40
CVE-2026-25799 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resulting in a reliable denial-of-service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Divide By Zero

ImageMagick NULL PD in ClonePixelCacheRepository before 7.1.2-15 / 6.9.13-40
CVE-2026-25798 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted image file, resulting in denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

NULL Pointer Dereference

ImageMagick PS Header & HTML Code Injection before 7.1.2-15/6.9.13-40
CVE-2026-25797 5.7 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the PS coders, responsible for writing PostScript files, fail to sanitize input before writing it into the PostScript header. An attacker can provide a malicious file and inject arbitrary PostScript code; when the resulting file is processed by a printer or a viewer (such as Ghostscript), the injected code is interpreted and executed. The HTML encoder likewise does not properly escape strings written into the HTML document, so an attacker can provide a malicious file and inject arbitrary HTML. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Code Injection

ImageMagick memory leak in ReadSTEGANOImage prior to 7.1.2-15 / 6.9.13-40
CVE-2026-25796 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSTEGANOImage()` (`coders/stegano.c`), the `watermark` Image object is not freed on three early-return paths, resulting in a definite memory leak (~13.5KB+ per invocation) that can be exploited for denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Memory Leak

ImageMagick <7.1.2-15 & <6.9.13-40: NULL Deref in ReadSFWImage
CVE-2026-25795 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSFWImage()` (`coders/sfw.c`), when temporary file creation fails, `read_info` is destroyed before its `filename` member is accessed, causing a NULL pointer dereference and crash. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

NULL Pointer Dereference

ImageMagick <=7.1.2-14 UHDR Out-of-Bounds Heap Write
CVE-2026-25794 8.2 - High - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. `WriteUHDRImage` in `coders/uhdr.c` uses `int` arithmetic to compute the pixel buffer size. Prior to version 7.1.2-15, when image dimensions are large, the multiplication overflows 32-bit `int`, causing an undersized heap allocation followed by an out-of-bounds write. This can crash the process or corrupt the heap. Version 7.1.2-15 contains a patch.

Heap-based Buffer Overflow

ImageMagick Memory Leak in MSL Coder pre-7.1.2-15/6.9.13-40
CVE-2026-25638 5.3 - Medium - February 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a memory leak exists in `coders/msl.c`: the `WriteMSLImage` function allocates resources but returns early without releasing them. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Memory Leak

Vendor: ImageMagick. Product: ImageMagick.