Use-After-Free Vulnerability in ImageMagick Affects Image Processing
CVE-2026-55510

5.5MEDIUM

Key Information:

Vendor
CVE Published:
1 July 2026

What is CVE-2026-55510?

ImageMagick, a leading free and open-source software for image editing and manipulation, was found to have a use-after-free vulnerability when processing images that contain a specially crafted 8BIM profile. This vulnerability occurs prior to versions 6.9.13-51 and 7.1.2-26. If exploited, it can lead to unexpected behavior, potentially allowing an attacker to execute arbitrary code or cause a denial of service. Users are strongly urged to update to the latest versions to ensure their systems remain secure.

Affected Version(s)

ImageMagick >= 7.0.1-0, < 7.1.2-26 < 7.0.1-0, 7.1.2-26

ImageMagick < 6.9.13-51 < 6.9.13-51

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.