Heap Buffer Overflow Vulnerability in ImageMagick by ImageMagick
CVE-2026-56372

4.8MEDIUM

Key Information:

Vendor
CVE Published:
11 July 2026

What is CVE-2026-56372?

ImageMagick, a widely-used image manipulation software, has reported a heap buffer overflow vulnerability that can occur during its magnify operation. This flaw arises when an unrecognized magnify:method value is processed, leading to out-of-bounds memory reads. Attackers exploiting this vulnerability may gain access to sensitive information or potentially cause a denial of service, impacting the stability and confidentiality of systems utilizing this product.

Affected Version(s)

ImageMagick 0 < 7.1.2-19

ImageMagick 7.1.2-19

References

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

e1abrador
.