ImageMagick <=7.1.2-19 Magnify OOB Read Heap Buffer Overflow
CVE-2026-56372 Published on July 11, 2026
ImageMagick - Heap Buffer Overflow Read via Unrecognized Magnify Method
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service.
Vulnerability Analysis
CVE-2026-56372 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a small impact on availability.
Weakness Type
Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Products Associated with CVE-2026-56372
Want to know whenever a new CVE is published for ImageMagick? stack.watch will email you.
Affected Versions
ImageMagick:- Before 7.1.2-19 is affected.
- Version 7.1.2-19 is unaffected.