Memory Leak in ImageMagick Affects Log Colorspace Processing
CVE-2026-61864

2.1LOW

Key Information:

Vendor
CVE Published:
15 July 2026

What is CVE-2026-61864?

A memory leak vulnerability exists in ImageMagick versions prior to 7.1.2-26 and 6.9.13-51, specifically during color transformation operations to the log colorspace. When these operations fail, a small amount of memory remains allocated instead of being released properly, potentially leading to increased memory usage over time and impacting system performance. Proper adherence to security guidelines and updating to the latest versions is recommended to mitigate this issue.

Affected Version(s)

ImageMagick 0 < 7.1.2-26

ImageMagick 0 < 6.9.13-51

ImageMagick 7.1.2-26

References

CVSS V4

Score:
2.1
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Bin-infinite
.