Skip to main content

ImageMagick CVE-2026-56371

| EUVDEUVD-2026-38439 MEDIUM
Memory Leak (CWE-401)
2026-06-23 VulnCheck GHSA-98gv-6gmj-cm6m
6.9
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
6.9 NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.3 MEDIUM

Network-triggerable via file upload with no auth required; availability impact is Low because memory exhaustion requires sustained repeated requests, not a single shot.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.0 AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (VulnCheck).

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

4
CVSS changed
Jul 02, 2026 - 16:37 NVD
6.9 (MEDIUM)
Patch available
Jun 23, 2026 - 14:17 EUVD
Source Code Evidence Fetched
Jun 23, 2026 - 13:11 vuln.today
Analysis Generated
Jun 23, 2026 - 13:11 vuln.today

DescriptionCVE.org

ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory leak in coders/txt.c when processing TXT files with texture attributes: the texture object allocated via ReadImage is not released when GetTypeMetrics fails, leaking memory each time a crafted TXT file with a texture attribute is processed.

AnalysisAI

Memory exhaustion in ImageMagick's TXT file coder (coders/txt.c) leaks heap allocations each time a crafted TXT file carrying a texture attribute is processed and GetTypeMetrics subsequently fails. Affected are ImageMagick before 7.1.2-15 and 6.9.13-40, and transitively Magick.NET NuGet packages before 14.10.3. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Supply crafted TXT file with texture attribute
Delivery
ImageMagick TXT coder calls ReadImage() for texture
Exploit
GetTypeMetrics fails on font lookup
Install
Error exit path skips DestroyImage()
C2
Heap allocation permanently leaked
Execute
Repeat at scale to exhaust process memory
Impact
Service crash or OOM termination

Vulnerability AssessmentAI

Exploitation Exploitation requires that the target system processes TXT files through ImageMagick and that those TXT files contain a `texture` attribute - a non-default, optional feature of the TXT coder. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The provided CVSS 4.0 vector (all impacts scored N) appears to be an unscored placeholder inconsistent with a memory leak vulnerability that can cause process-level availability degradation - this discrepancy should be noted and the vendor-published vector should not be used for prioritization. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker submits a series of crafted TXT files, each containing a `texture` attribute referencing a resource that causes GetTypeMetrics to fail, to a web application that passes user uploads to ImageMagick for processing. Each request causes a heap allocation to leak within the ImageMagick worker process; after sufficient iterations, the process's resident memory grows until it is terminated by the OS OOM killer or crashes, denying service to legitimate users. …
Remediation Upgrade ImageMagick to version 7.1.2-15 or later (7.x branch) or 6.9.13-40 or later (6.x branch), as documented in the upstream security advisory at https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3q5f-gmjc-38r8 and patched in commit e6394098af39a9689bb5f0b4eb6a9968e449a8d3. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2017-15277 MEDIUM POC
6.5 Oct 12

ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when proc

CVE-2016-5841 CRITICAL POC
9.8 Dec 13

Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of serv

CVE-2016-3717 MEDIUM POC
5.5 May 05

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files vi

CVE-2016-5118 CRITICAL
9.8 Jun 10

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbit

CVE-2016-5689 CRITICAL POC
9.8 Dec 13

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact b

CVE-2016-5690 CRITICAL POC
9.8 Dec 13

The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to

CVE-2016-5691 CRITICAL POC
9.8 Dec 13

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact b

CVE-2017-14138 CRITICAL POC
9.8 Sep 04

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in cer

CVE-2026-23876 CRITICAL POC
9.8 Jan 20

Heap buffer overflow in ImageMagick's XBM image decoder (ReadXBMImage) lets remote attackers write attacker-controlled d

CVE-2023-34152 CRITICAL POC
9.8 May 30

A vulnerability was found in ImageMagick. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable

CVE-2019-19952 CRITICAL POC
9.8 Dec 24

In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to R

CVE-2018-14551 CRITICAL POC
9.8 Jul 23

The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory cor

Share

CVE-2026-56371 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy