Use-After-Free Vulnerability in ImageMagick by ImageMagick
CVE-2026-61860
6.3MEDIUM
What is CVE-2026-61860?
An issue in ImageMagick prior to versions 7.1.2-26 and 6.9.13-51 allows for a use-after-free vulnerability. This flaw arises during the initialization failure of freetype, where the affected method fails to terminate and erroneously continues to reference memory that has been previously freed. This vulnerability can be exploited during image processing, potentially resulting in a denial of service, rendering the application unresponsive.
Affected Version(s)
ImageMagick 0 < 7.1.2-26
ImageMagick 0 < 6.9.13-51
ImageMagick 7.1.2-26