Division by Zero Vulnerability in ImageMagick by ImageMagick
CVE-2026-56363

4.8MEDIUM

Key Information:

Vendor
CVE Published:
30 June 2026

What is CVE-2026-56363?

ImageMagick versions prior to 7.1.2-22 are impacted by a division by zero vulnerability in the processing of binomial kernels. This flaw enables attackers to exploit the application by submitting excessively large binomial kernel values, resulting in integer overflow. Consequently, this can lead to a denial of service, manifesting as an application crash and impacting service availability.

Affected Version(s)

ImageMagick 0 < 7.1.2-22

ImageMagick 0 < 6.9.13-47

ImageMagick 7.1.2-22

References

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

007bsd
.