Memory Allocation Issue in ImageMagick by ImageMagick Studio LLC
CVE-2026-61465
4.8MEDIUM
What is CVE-2026-61465?
The vulnerability in ImageMagick prior to version 7.1.2-26 and 6.9.13-51 reveals a flaw where the software fails to enforce memory allocation limits during matrix-backed operations. An attacker can exploit this by submitting a specially crafted image which bypasses the configured memory limits, leading to potential denial of service. This flaw demonstrates the importance of proper memory allocation checks to prevent resource exhaustion and maintain service availability.
Affected Version(s)
ImageMagick 0 < 7.1.2-26
ImageMagick 0 < 6.9.13-51
ImageMagick 7.1.2-26