Integer Overflow Vulnerability in ImageMagick Affects Image Processing
CVE-2026-53466
6.5MEDIUM
What is CVE-2026-53466?
ImageMagick is a widely-used open-source tool for editing and manipulating images. Prior to the releases 6.9.13-51 and 7.1.2-26, a vulnerability existed in the XCF decoder that allowed for an integer overflow. This flaw could lead to an out-of-bounds read when processing specially crafted image files, potentially causing application crashes and impacting service availability. Users are strongly advised to upgrade to the patched versions to mitigate this risk.
Affected Version(s)
ImageMagick < 6.9.13-51 < 6.9.13-51
ImageMagick >= 7.0.1-0, < 7.1.2-26 < 7.0.1-0, 7.1.2-26