Skip to main content

Imagemagick CVE-2026-25985

HIGH
Allocation of Resources Without Limits or Throttling (CWE-770)
2026-02-24 security-advisories@github.com GHSA-v7g2-m8c5-mf84
7.5
CVSS 3.1 · Vendor: github
Share

Severity by source

Vendor (github) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
HIGH
qualitative
Red Hat
7.5 HIGH
qualitative

Primary rating from Vendor (github).

CVSS VectorVendor: github

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Feb 24, 2026 - 02:16 nvd
HIGH 7.5

DescriptionCVE.org

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate ~674 GB of memory, leading to an out-of-memory abort. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

AnalysisAI

Imagemagick versions up to 7.1.2-15 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious SVG file
Delivery
Upload or provide SVG to ImageMagick
Exploit
Trigger memory allocation
Execution
Cause out-of-memory abort
Impact
Denial of service

Vulnerability AssessmentAI

Exploitation No special conditions — remote unauthenticated exploitation against ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 processing SVG files from untrusted sources. Additional conditions and limiting factors are described in the full assessment.
Risk Assessment CVSS 7.5 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker could exploit this flaw, an out-of-memory abort.
Remediation Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all systems running ImageMagick up to version 7.1.2-15 and assess exposure to untrusted image sources. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-23876 CRITICAL POC
9.8 Jan 20

Heap buffer overflow in ImageMagick's XBM image decoder (ReadXBMImage) lets remote attackers write attacker-controlled d

CVE-2025-53015 HIGH POC
7.5 Jul 14

CVE-2025-53015 is a denial-of-service vulnerability in ImageMagick versions prior to 7.1.2-0 that causes infinite loops

CVE-2025-53101 HIGH POC
7.4 Jul 14

A remote code execution vulnerability in versions (CVSS 7.4). Risk factors: public PoC available. Vendor patch is availa

CVE-2026-23952 MEDIUM POC
6.5 Jan 22

ImageMagick and Magick.NET versions 14.10.1 and below are vulnerable to denial of service attacks through a null pointer

CVE-2026-25968 CRITICAL
9.8 Feb 24

Stack buffer overflow in ImageMagick's MSL (Magick Scripting Language) parser allows remote attackers to corrupt memory

CVE-2026-23874 MEDIUM POC
5.5 Jan 20

Imagemagick versions up to 7.1.2-13 is affected by loop with unreachable exit condition (infinite loop) (CVSS 5.5).

CVE-2026-25794 HIGH
8.2 Feb 24

Integer overflow in ImageMagick's UHDR image decoder allows remote attackers to trigger heap buffer overflows by supplyi

CVE-2026-28693 HIGH
8.1 Mar 10

High severity vulnerability in ImageMagick. An integer overflow in DIB coder can result in out of bounds read or write

CVE-2026-30929 HIGH
7.7 Mar 10

High severity vulnerability in ImageMagick. MagnifyImage uses a fixed-size stack buffer. When using a specific image it

CVE-2026-49218 HIGH
7.5

Denial of service in ImageMagick affects Alpine Linux package versions prior to 7.1.2.24-r0, where improper input valida

CVE-2026-25989 HIGH
7.5 Feb 24

ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 are vulnerable to denial of service when processing maliciously cra

CVE-2026-25969 HIGH
7.5 Feb 24

Denial of service in ImageMagick prior to 7.1.2-15 stems from a memory leak in the WriteASHLARImage function within code

Vendor StatusVendor

SUSE

Severity: High
Product Status
Container suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.41 Container suse/sl-micro/6.1/base-os-container:2.2.1-5.62 Container suse/sl-micro/6.1/kvm-os-container:2.2.1-5.65 Container suse/sl-micro/6.1/rt-os-container:2.2.1-5.54 Image SL-Micro-Azure Image SL-Micro-BYOS-Azure Image SL-Micro-BYOS-EC2 Image SL-Micro-BYOS-GCE Image SL-Micro-EC2 Image SUSE-Multi-Linux-Manager-Proxy-BYOS-Azure Image SUSE-Multi-Linux-Manager-Proxy-BYOS-EC2 Image SUSE-Multi-Linux-Manager-Proxy-BYOS-GCE Image SUSE-Multi-Linux-Manager-Server-Azure-llc Image SUSE-Multi-Linux-Manager-Server-Azure-ltd Image SUSE-Multi-Linux-Manager-Server-BYOS-Azure Image SUSE-Multi-Linux-Manager-Server-BYOS-EC2 Image SUSE-Multi-Linux-Manager-Server-BYOS-GCE Image SUSE-Multi-Linux-Manager-Server-EC2-llc Image SUSE-Multi-Linux-Manager-Server-EC2-ltd Affected
SUSE Linux Enterprise Desktop 15 SP7 SUSE Linux Enterprise High Performance Computing 15 SP7 SUSE Linux Enterprise Server 15 SP7 SUSE Linux Enterprise Server for SAP Applications 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed
SUSE Linux Enterprise Module for Development Tools 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP6-LTSS Fixed

Share

CVE-2026-25985 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy