Stack Overflow Vulnerability in ImageMagick Software by ImageMagick
CVE-2026-55594

5.3MEDIUM

Key Information:

Vendor
CVE Published:
1 July 2026

What is CVE-2026-55594?

ImageMagick, an open-source software suite for editing and manipulating images, has a vulnerability stemming from a missing depth check in the MVG decoder. This flaw allows for a stack overflow when an attacker submits a specially crafted image, potentially leading to arbitrary code execution. Users are encouraged to update to version 6.9.13-51 or 7.1.2-26 to mitigate risks associated with this security issue.

Affected Version(s)

ImageMagick >= 7.0.1-0, < 7.1.2-26 < 7.0.1-0, 7.1.2-26

ImageMagick < 6.9.13-51 < 6.9.13-51

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.