Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSTEGANOImage()` (`coders/stegano.c`), the `watermark` Image object is not freed on three early-return paths, resulting in a definite memory leak (~13.5KB+ per invocation) that can be exploited for denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
Published: 2026-02-24
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Fix
AI Analysis

Impact

ImageMagick, a widely used image manipulation library, contains a memory leak in the ReadSTEGANOImage function for versions prior to 7.1.2‑15 and 6.9.13‑40. When a caller reaches one of three early‑return paths, the watermark image object is not freed, leaking roughly 13.5 KB per invocation. Repeated processing of untrusted images can exhaust system memory and cause the image‑processing application or host to become unresponsive, resulting in a denial‑of‑service scenario. The vulnerability is a classic example of improper resource management (CWE‑401) and an unreleased resource destruction issue (CWE‑772).

Affected Systems

The vulnerable products are ImageMagick versions preceding 7.1.2‑15 and 6.9.13‑40. Systems running ImageMagick 7.1.2‑15 or newer, and 6.9.13‑40 or newer, contain the patch that frees the watermark image object properly. Any environment that employs older ImageMagick builds, such as web servers, content‑generation services, or local utilities that accept user‑supplied images, is susceptible.

Risk and Exploitability

The CVSS vector assigns a score of 5.3, indicating a moderate severity. The EPSS score is below 1 %, suggesting that attacks are currently unlikely, and the vulnerability is not listed in the CISA KEV catalog. Nevertheless, exploiting the leak requires only feeding crafted images to a running ImageMagick instance. If an application processes external images without bounds, an attacker can trigger the early‑return paths repeatedly, gradually consuming memory until a service crash or restart occurs. The overall risk is moderate, especially for high‑availability or high‑traffic image services.

Generated by OpenCVE AI on April 17, 2026 at 16:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade ImageMagick to version 7.1.2‑15 or later, or 6.9.13‑40 and newer, where the watermark image is correctly freed.
  • When an upgrade is not immediately possible, configure the image‑processing environment to enforce strict memory limits or run ImageMagick in a sandboxed process so that a memory leak does not affect the entire host.
  • Validate or sanitize all incoming images before handing them to ImageMagick to reduce the chance of intentionally crafted images triggering the leak.

Generated by OpenCVE AI on April 17, 2026 at 16:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4497-1 imagemagick security update
Debian DSA Debian DSA DSA-6158-1 imagemagick security update
Debian DSA Debian DSA DSA-6159-1 imagemagick security update
Debian DSA Debian DSA DSA-6210-1 imagemagick security update
Github GHSA Github GHSA GHSA-g2pr-qxjg-7r2w ImageMagick has memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-return paths
History

Fri, 27 Feb 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 24 Feb 2026 19:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*

Tue, 24 Feb 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-772
References
Metrics threat_severity

None

 threat_severity

Moderate

Tue, 24 Feb 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Imagemagick
Imagemagick imagemagick
Vendors & Products Imagemagick
Imagemagick imagemagick

Tue, 24 Feb 2026 01:15:00 +0000

Type Values Removed Values Added
Description ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in `ReadSTEGANOImage()` (`coders/stegano.c`), the `watermark` Image object is not freed on three early-return paths, resulting in a definite memory leak (~13.5KB+ per invocation) that can be exploited for denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
Title ImageMagick has memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-return paths
Weaknesses CWE-401
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}

Subscriptions

Imagemagick Imagemagick
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-26T15:12:22.180Z

Reserved: 2026-02-05T19:58:01.640Z

Link: CVE-2026-25796

cve-icon Vulnrichment

Updated: 2026-02-26T15:11:38.375Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-24T01:16:14.293

Modified: 2026-02-24T18:46:13.680

Link: CVE-2026-25796

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-02-24T00:57:27Z

Links: CVE-2026-25796 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T16:15:22Z

Weaknesses