ImageMagick: ImageMagick: Denial of Service due to excessive resource use in MNG coder

A flaw was found in ImageMagick. A remote attacker could exploit a missing check in the Multiple-image Network Graphics MNG coder to read more images than allowed by policy. This could lead to excessive resource consumption, resulting in a denial of service DoS...

ImageMagick: ImageMagick: Denial of Service via out-of-bounds write when processing multiple images

A flaw was found in ImageMagick, a free and open-source software for editing and manipulating digital images. When processing multiple images with varying dimensions, an out-of-bounds heap write can occur. This vulnerability could allow a remote attacker to cause a denial of service DoS condition...

ImageMagick: ImageMagick: Denial of Service via crafted DCM image with invalid dimensions

A flaw was found in ImageMagick. A missing check in the DCM Digital Imaging and Communications in Medicine decoder allows a remote attacker to provide a specially crafted image with invalid dimensions. This can lead to crashes in other operations, resulting in a denial of service DoS for the...

ImageMagick: ImageMagick: Denial of Service via missing memory request check

A flaw was found in ImageMagick. A remote attacker could exploit a missing check for maximum memory requests in the AcquireAlignedMemory function, leading to an out-of-memory condition. This vulnerability could result in a Denial of Service DoS, making the affected system or application unavailab...

ImageMagick: ImageMagick: Heap buffer over-write via `magick -distribute-cache` service connection

A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. A remote attacker, by connecting to a magick -distribute-cache service, can trigger a heap buffer over-write in the server process. This vulnerability can lead to a denial of service...

ImageMagick: ImageMagick: Denial of Service via crafted MSL image leading to heap-use-after-free

A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. A remote attacker could exploit this vulnerability by providing a specially crafted MSL Magick Scripting Language image. Processing this malicious image could trigger a...

ImageMagick: ImageMagick: Arbitrary code execution via SVG decoder command injection

A flaw was found in ImageMagick. This command injection vulnerability in the SVG Scalable Vector Graphics decoder allows a remote attacker to craft malicious SVG files. When these files are processed, the injected Magick Vector Graphics MVG commands can execute, potentially leading to arbitrary...

ImageMagick: ImageMagick: Denial of Service due to resource policy bypass in PSD decoder

A flaw was found in ImageMagick. A missing check in the PSD Photoshop Document decoder allows an attacker to bypass the list-length resource policy when processing a specially crafted PSD image. This could lead to a denial of service DoS condition by consuming excessive resources...

Important: Red Hat Security Advisory: ImageMagick security update

An update for ImageMagick is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

EUVD-2026-36192

ImageMagick has a Heap Buffer Over-Write in SF3 encoder when writing multi-frame image...

EUVD-2026-36190

ImageMagick has Null Pointer Dereference caused by the distort operation when passing incorrect arguments...

EUVD-2026-36189

ImageMagick has a Use-After-Free when allocation in CheckPrimitiveExtent fails...

CVE-2026-56370

An out-of-bounds access vulnerability exists in ImageMagick's ConnectedComponentsImage function. By passing malformed connected-components definitions through the CLI, an attacker can cause a denial of service or potentially execute arbitrary code. Mitigation Prevent the injection of malformed...

CVE-2026-56368

A flaw was found in ImageMagick. This memory leak vulnerability exists in multiple coders that write raw pixel data, where allocated objects are not properly freed. A remote attacker can exploit this by processing specially crafted images, leading to memory exhaustion and a denial of service...

EUVD-2026-36185

ImageMagick: Policy Bypass can read disallowed files via symlink...

EUVD-2026-36184

ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions...

EUVD-2026-36183

ImageMagick has a Heap Buffer Over-Write in MAT decoder on 32-bit systems...

EUVD-2026-36182

ImageMagick Vulnerable to Stack Overflow in its MVG Decoder...

ImageMagick < 6.9.13-40 / 7.x < 7.1.2-15 Multiple Vulnerabilities

The remote host has a version of ImageMagick installed that is prior to 6.9.13-40 or 7.x prior to 7.1.2-15. It is, therefore, affected by multiple vulnerabilities: - ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory leak in coders/txt.c when processing TXT files with texture attributes:...

Linux Distros Unpatched Vulnerability : CVE-2026-56370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with inval...