Severity by source
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local-only vector and high complexity due to specific internal failure trigger required; no confidentiality or integrity impact, only low availability loss from a small unfreed allocation.
Primary rating from Vendor (VulnCheck).
CVSS VectorVendor: VulnCheck
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the hough lines operation: when a specific operation fails, a small memory leak occurs.
AnalysisAI
ImageMagick's hough lines operation leaks a small amount of memory when a specific internal sub-operation fails, affecting the 7.x branch before 7.1.2-26 and the 6.x legacy branch before 6.9.13-51. This CWE-401 flaw is locally exploitable only under high attack complexity with specific prerequisites, producing a low availability impact with no confidentiality or integrity consequence - reflected in the CVSS 4.0 score of 2.1. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires local access to the host running ImageMagick (AV:L per CVSS 4.0) and the ability to invoke the hough lines operation with a specifically crafted input that triggers an internal failure condition within that code path (AC:H, AT:P). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 score of 2.1 with vector AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N accurately characterises the minimal real-world risk: local attack vector, high complexity, and specific attack prerequisites (AT:P) mean this cannot be exploited remotely or trivially. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A local user with access to an ImageMagick deployment submits a crafted image file designed to invoke the hough lines operation and trigger the specific internal failure condition, causing a small heap allocation to go unfreed. By scripting repeated submissions of such images, the attacker gradually accumulates leaked memory in the ImageMagick process, potentially degrading or crashing the service over an extended period. … |
| Remediation | Upgrade ImageMagick 7.x installations to version 7.1.2-26 or later, and ImageMagick 6.x installations to version 6.9.13-51 or later, as confirmed by GitHub Security Advisory GHSA-j8rh-v2r8-v94x (https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j8rh-v2r8-v94x). … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Imagemagick
View allReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when proc
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of serv
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files vi
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbit
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact b
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact b
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in cer
Heap buffer overflow in ImageMagick's XBM image decoder (ReadXBMImage) lets remote attackers write attacker-controlled d
A vulnerability was found in ImageMagick. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to R
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory cor
Same weakness CWE-401 – Memory Leak
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44614
GHSA-3w79-77cj-g7x9