6.5
CVE-2026-26284 - ImageMagick has heap overflow in pcd decoder that leads to out of bounds read.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when processing Huffman-coded data from PCD (Photo CD) files. The decoder contains an function that has an incorrect inβ¦
6.2
CVE-2026-26283 - ImageMagick has possible infinite loop in JPEG encoder when using `jpeg:extent`
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a `continue` statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger β¦
6.2
CVE-2026-26066 - ImageMagick has infinite loop when writing IPTCTEXT leads to denial of service via crafted profile
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT`. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
7.5
CVE-2026-25989 - ImageMagick has integer overflow or wraparound and incorrect conversion between numeric types in thβ¦
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one boundary check (`>` instead of `>=`) that allows bypass the guard and reach an undefined `(size_t)β¦
5.3
CVE-2026-25988 - ImageMagick's MSL image stack index not refreshed, leading to leaked images.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks. Versions 7.1.2-15 and 6.9.13-40 β¦
5.3
CVE-2026-25987 - ImageMagick has heap buffer over-read in MAP image decoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory disclβ¦
5.3
CVE-2026-25986 - ImageMagick has a heap buffer overflow in YUV 4:2:2 decoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer overflow write vulnerability exists in ReadYUVImage() (coders/yuv.c) when processing malicious YUV 4:2:2 (NoInterlace) images. The pixel-pair loop wβ¦
7.5
CVE-2026-25985 - Memory allocation with excessive without limits in the internal SVG decoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate ~674 GB of memory, leading to an out-of-memory abort. Versions 7.1.2-β¦
5.3
CVE-2026-25983 - ImageMagick has Use After Free in MSLStartElement in "coders/msl.c"
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it, leadinβ¦
6.5
CVE-2026-25982 - ImageMagick Has Heap Out-of-Bounds Read in DCM Decoder (ReadDCMImage)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap out-of-bounds read vulnerability exists in the `coders/dcm.c` module. When processing DICOM files with a specific configuration, the decoder loop incorrectβ¦