Memory Leak Vulnerability in ImageMagick's JNG Encoder
CVE-2026-61866
2.1LOW
What is CVE-2026-61866?
A vulnerability exists in ImageMagick before version 7.1.2-26, where the JNG encoder is susceptible to a memory leak. This vulnerability arises when attackers deliver malformed JNG files that fail during blob operations, leading to resource exhaustion. By exploiting this issue, malicious actors can cause significant disruptions to system performance and resource availability.
Affected Version(s)
ImageMagick 0 < 7.1.2-26
ImageMagick 7.1.2-26