ImageMagick MIFF Overflow in Display Tool (pre 7.1.2-21 / 6.9.13-46)
CVE-2026-42050 Published on May 11, 2026
ImageMagick: Stack buffer overflow in XTileImage
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerability is fixed in 7.1.2-21 and 6.9.13-46.
Vulnerability Analysis
CVE-2026-42050 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
What is a Stack Overflow Vulnerability?
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2026-42050 has been classified to as a Stack Overflow vulnerability or weakness.
Products Associated with CVE-2026-42050
Want to know whenever a new CVE is published for ImageMagick? stack.watch will email you.
Affected Versions
ImageMagick:- Version < 6.9.13-46 is affected.
- Version >= 7.0.0, < 7.1.2-20 is affected.