Skip to main content

ImageMagick CVE-2026-55594

| EUVDEUVD-2026-41122 MEDIUM
Uncontrolled Resource Consumption (CWE-400)
2026-07-01 GitHub_M
5.3
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
vuln.today AI
7.5 HIGH

Stack overflow from crafted MVG input crashes the process (A:H); all other metrics match the unauthenticated, network-accessible, zero-complexity attack surface with no confidentiality or integrity impact.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

2
Patch available
Jul 01, 2026 - 20:02 EUVD
Analysis Generated
Jul 01, 2026 - 19:37 vuln.today

DescriptionCVE.org

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the MVG decoder will result in a stack overflow when a crafted image is provided. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.

AnalysisAI

Stack overflow in ImageMagick's MVG decoder prior to versions 6.9.13-51 and 7.1.2-26 allows remote unauthenticated attackers to crash image-processing services by submitting a crafted MVG image file. The root cause is a missing depth check in the MVG decoder (CWE-400), enabling unbounded recursion that exhausts stack memory. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify internet-facing ImageMagick image upload endpoint
Delivery
Craft malicious MVG file with unbounded recursive structure
Exploit
Submit file to processing pipeline
Execution
MVG decoder invoked without depth check
Persist
Stack exhaustion triggers process crash
Impact
Denial of service achieved

Vulnerability AssessmentAI

Exploitation Exploitation requires that the target runs an unpatched version of ImageMagick (prior to 6.9.13-51 on the 6.x branch or 7.1.2-26 on the 7.x branch) and that the attacker can deliver a crafted MVG image file into the ImageMagick processing pipeline - for example, via a file upload endpoint or any interface that invokes ImageMagick on attacker-supplied input. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor and NVD CVSS score of 5.3 (Medium) reflects AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L - a remotely exploitable, unauthenticated denial-of-service with limited availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker uploads a crafted MVG file to a web application that passes user-supplied images through ImageMagick for processing - such as a profile photo upload, document conversion service, or CMS media handler. The MVG decoder processes the file without bounding recursion depth, exhausting the process stack and crashing the ImageMagick worker or the application process itself, rendering the service unavailable. …
Remediation Upgrade to ImageMagick 6.9.13-51 (legacy branch) or 7.1.2-26 (current branch), as documented in the vendor advisory at https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mx48-2qq3-23hf. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2017-15277 MEDIUM POC
6.5 Oct 12

ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when proc

CVE-2016-5841 CRITICAL POC
9.8 Dec 13

Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of serv

CVE-2016-3717 MEDIUM POC
5.5 May 05

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files vi

CVE-2016-5118 CRITICAL
9.8 Jun 10

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbit

CVE-2016-5689 CRITICAL POC
9.8 Dec 13

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact b

CVE-2016-5690 CRITICAL POC
9.8 Dec 13

The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to

CVE-2016-5691 CRITICAL POC
9.8 Dec 13

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact b

CVE-2017-14138 CRITICAL POC
9.8 Sep 04

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in cer

CVE-2026-23876 CRITICAL POC
9.8 Jan 20

Heap buffer overflow in ImageMagick's XBM image decoder (ReadXBMImage) lets remote attackers write attacker-controlled d

CVE-2023-34152 CRITICAL POC
9.8 May 30

A vulnerability was found in ImageMagick. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable

CVE-2019-19952 CRITICAL POC
9.8 Dec 24

In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to R

CVE-2018-14551 CRITICAL POC
9.8 Jul 23

The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory cor

Share

CVE-2026-55594 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy