Skip to main content

ImageMagick CVE-2026-56378

| EUVDEUVD-2026-38174 MEDIUM
Out-of-bounds Read (CWE-125)
2026-06-21 VulnCheck GHSA-jmqv-2mx7-544h
6.3
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
6.3 MEDIUM
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.8 MEDIUM

Network-delivered via crafted PCD file; AC:H reflects specific format prerequisites; A:L captures DoS impact that the provided CVSS 4.0 vector incorrectly omits (VA:N).

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
4.0 AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
Red Hat
4.8 MEDIUM
qualitative

Primary rating from Vendor (VulnCheck).

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Source Code Evidence Fetched
Jun 22, 2026 - 06:36 vuln.today
Analysis Generated
Jun 22, 2026 - 06:36 vuln.today
Patch available
Jun 21, 2026 - 15:31 EUVD

DescriptionCVE.org

ImageMagick before 7.1.2-15 (and 6.x before 6.9.13-40) contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file can trigger a one-byte heap out-of-bounds read during image decoding, resulting in denial of service and potential disclosure of an adjacent heap byte.

AnalysisAI

Heap out-of-bounds read in ImageMagick's PCD image decoder (versions prior to 7.1.2-15 and 6.9.13-40) allows unauthenticated network-reachable attackers to cause denial of service and disclose a single adjacent heap byte by supplying a crafted PCD file to an image-processing endpoint. The vulnerability is rooted in the PCD coder's DecodeImage loop and requires high attack complexity (AC:H) with specific attack prerequisites (AT:P), meaning the target application must actively process attacker-supplied PCD files. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious PCD image file
Delivery
Submit file to ImageMagick-powered service
Exploit
PCD coder DecodeImage loop processes crafted input
Execution
One-byte heap out-of-bounds read triggered
Impact
Application crash (DoS) or single adjacent heap byte disclosed

Vulnerability AssessmentAI

Exploitation Exploitation requires that a vulnerable ImageMagick version (7.x before 7.1.2-15 or 6.x before 6.9.13-40) processes a crafted PCD (Kodak Photo CD) format file through the PCD coder's DecodeImage function. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 6.3 reflects a moderate-severity vulnerability with meaningful real-world constraints. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker submits a specially crafted PCD image file to a web application or API endpoint that processes user-supplied images using a vulnerable ImageMagick version. ImageMagick's PCD coder invokes DecodeImage on the malicious file, triggering a one-byte heap out-of-bounds read that either crashes the decoding process - causing a denial of service for the affected application worker - or, under a favorable heap layout, leaks a single byte of adjacent heap memory to the attacker's output. …
Remediation The primary fix is to upgrade ImageMagick to version 7.1.2-15 or later (7.x branch) or 6.9.13-40 or later (6.x branch), as confirmed by vendor advisory GHSA-wgxp-q8xq-wpp9 and the upstream patch commit at https://github.com/ImageMagick/ImageMagick/commit/436e5d2589e3c0adc10d9aa189e81d5d088d8207. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2017-15277 MEDIUM POC
6.5 Oct 12

ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when proc

CVE-2016-5841 CRITICAL POC
9.8 Dec 13

Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of serv

CVE-2016-3717 MEDIUM POC
5.5 May 05

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files vi

CVE-2016-5118 CRITICAL
9.8 Jun 10

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbit

CVE-2016-5689 CRITICAL POC
9.8 Dec 13

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact b

CVE-2016-5690 CRITICAL POC
9.8 Dec 13

The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to

CVE-2016-5691 CRITICAL POC
9.8 Dec 13

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact b

CVE-2017-14138 CRITICAL POC
9.8 Sep 04

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in cer

CVE-2026-23876 CRITICAL POC
9.8 Jan 20

Heap buffer overflow in ImageMagick's XBM image decoder (ReadXBMImage) lets remote attackers write attacker-controlled d

CVE-2023-34152 CRITICAL POC
9.8 May 30

A vulnerability was found in ImageMagick. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable

CVE-2019-19952 CRITICAL POC
9.8 Dec 24

In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to R

CVE-2018-14551 CRITICAL POC
9.8 Jul 23

The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory cor

Vendor StatusVendor

Share

CVE-2026-56378 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy