Memory Leak Vulnerability in ImageMagick Affecting TIFF Processing
CVE-2026-61867

2.1LOW

Key Information:

Vendor
CVE Published:
15 July 2026

What is CVE-2026-61867?

A memory leak vulnerability exists in the TIFF encoder of ImageMagick prior to version 7.1.2-26. This issue arises when memory allocation fails during the processing of TIFF images, which can be manipulated by an attacker. By triggering allocation failures, an attacker can exhaust the server's memory resources, ultimately leading to a denial of service. It is crucial for users to update to the latest version to mitigate this risk and ensure system stability.

Affected Version(s)

ImageMagick 0 < 7.1.2-26

ImageMagick 7.1.2-26

References

CVSS V4

Score:
2.1
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.