CVE-2026-56368

ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service...

CVE-2026-56368 ImageMagick - Memory Leak in Raw Pixel Data Coders

ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service...

Astra Linux - уязвимость в imagemagick

A heap use-after-free flaw was discovered in the coder/bmp.c file of ImageMagick...

CLSA-2026-1778767103 Fix CVE(s): CVE-2026-25576, CVE-2026-28688, CVE-2026-28690

Security: - CVE-2026-25576: heap buffer over-read in raw pixel coders - CVE-2026-28688: use-after-free in MSL encoder - CVE-2026-28690: stack-based buffer overflow in MNG/JNG encoder...

CLSA-2026-1778487942 Fix CVE(s): CVE-2026-25576

SECURITY UPDATE: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - debian/patches/CVE-2026-25576.patch: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - CVE-2026-25576...

CLSA-2026-1778487863 Fix CVE(s): CVE-2026-25576

SECURITY UPDATE: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - debian/patches/CVE-2026-25576.patch: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - CVE-2026-25576...

4coders-commons (>=0.0.1 <=0.0.2), @11ty/eleventy (=0.3.3) +3655 more potentially affected by CVE-2026-33916 via handlebars (>=4.0.0 <=4.7.8)

handlebars NPM version =4.0.0, =0.0.1, =0.1.0, =0.1.0, =0.0.11, =0.0.52, =0.1.0, =0.0.72, =0.1.0, =1.1.1, =0.0.0-3b548b7bf6ff6554f724240da3a11be924237e6c, =1.16.0, =1.16.0, =1.16.0, =2.4.4 and more Source cves: CVE-2026-33916 Source advisory: SNYK:JS-HANDLEBARS-15789775...

ImageMagick: Memory Leak in multiple coders that write raw pixel data

A memory leak vulnerability exists in multiple coders that write raw pixel data where an object is not freed. Direct leak of 160 bytes in 1 objects allocated from:...

GHSA-WFX3-6G53-9FGC ImageMagick: Memory Leak in multiple coders that write raw pixel data

A memory leak vulnerability exists in multiple coders that write raw pixel data where an object is not freed. Direct leak of 160 bytes in 1 objects allocated from:...

ImageMagick has memory leak in msl encoder

Memory leak exists in coders/msl.c. In the WriteMSLImage function of the msl.c file, resources are allocated. But the function returns early without releasing these allocated resources. ==78983== Memcheck, a memory error detector ==78983== Copyright C 2002-2022, and GNU GPL'd, by Julian Seward et...

GHSA-JV4P-GJWQ-9R2J ImageMagick: Out of bounds read in multiple coders read raw pixel data

A heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extract dimensions larger than -size dimensions, causing out-of-bounds memory reads from a heap-allocated buffer...

CVE-2026-25969

CVE-2026-25969 is a memory leak in ImageMagick's coders/ashlar.c (WriteASHLARImage) that occurs when an exception is thrown before release of allocated memory. A patch exists in ImageMagick version 7.1.2-15; multiple advisories (SUSE/openSUSE SU-2026-0851/0852, Debian DSA-6158) reference this CVE...

CVE-2026-25797 ImageMagick vulnerable to Code injection via PostScript header in ps coders

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...

CVE-2026-25797 ImageMagick vulnerable to Code injection via PostScript header in ps coders

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...

CVE-2026-25576

CVE-2026-25576 affects ImageMagick. A heap buffer over-read occurs in multiple raw image format handles when processing images with -extract dimensions larger than -size, causing out-of-bounds reads from a heap-allocated buffer. This vulnerability is present in versions older than 7.1.2-15 and 6....

CVE-2026-25576 ImageMagick: Out of bounds read in multiple coders read raw pixel data

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extract dimensions larg...

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-15 and 6.9.13-40 contained security vulnerabilities. These vulnerabilities were caused by a memory...

ImageMagick 缓冲区错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-15 and 6.9.13-40 contained a buffer error vulnerability. This vulnerability stemmed from an...

CVE-2026-25385

Server-Side Request Forgery SSRF vulnerability in KaizenCoders URL Shortify url-shortify allows Server Side Request Forgery.This issue affects URL Shortify: from n/a through = 1.12.3...

CLSA-2026-1771498382 ImageMagick: Fix of CVE-2025-68618

CVE-2025-68618: added recursion depth check in MSL and SVG coders - Check that image exists before we destroy it...