Heap Buffer Overflow in ImageMagick's FTXT Encoder by Vendor
CVE-2026-56374
4.8MEDIUM
What is CVE-2026-56374?
ImageMagick, a widely used image processing tool, has a vulnerability in the FTXT encoder that results from inadequate boundary checks during the parsing of the ftxt:format parameter. This enables remote attackers to create specially crafted FTXT image files that can lead to out-of-bounds reads. The exploitation of this flaw could result in denial of service or the potential for information disclosure, posing significant risks to system integrity and data security.
Affected Version(s)
ImageMagick 0 < 7.1.2-19
ImageMagick 7.1.2-19