Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted image file, resulting in denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
Published: 2026-02-24
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Immediate Patch
AI Analysis

Impact

ImageMagick contained a NULL pointer dereference in the ClonePixelCacheRepository function. An attacker who supplies a specially crafted image file can trigger a crash in any application linked with ImageMagick, causing the application to terminate unexpectedly. This flaw permits remote denial of service via the image processing path and is classified as CWE-476.

Affected Systems

The vulnerability affects the ImageMagick image processing library. All releases prior to 7.1.2-15 and 6.9.13-40 are vulnerable. Systems that incorporate these older ImageMagick versions and process untrusted images from any source, including remote network connections or third‑party content, are susceptible.

Risk and Exploitability

With a CVSS score of 5.3, the flaw represents a medium‑severity risk. The EPSS score is below 1% and the vulnerability is not listed in CISA’s KEV catalog, indicating a low likelihood of exploitation at present. However, because the attack vector is simply an uploaded or received image, an attacker needs no special privileges, so the attack path is straightforward wherever the software is exposed to external image inputs.

Generated by OpenCVE AI on April 18, 2026 at 11:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade ImageMagick to version 7.1.2-15 or 6.9.13-40, which contain the vendor fix.
  • If an immediate upgrade is not possible, restrict or eliminate untrusted image processing by blocking remote image traffic or validating image sources.
  • Implement a crash‑handling or supervision mechanism to restart the application automatically after an image processing crash to maintain service availability.


Advisories

Source        ID                    Title
Debian DLA    DLA-4497-1            imagemagick security update
Debian DSA    DSA-6158-1            imagemagick security update
Debian DSA    DSA-6159-1            imagemagick security update
Github GHSA   GHSA-p863-5fgm-rgq4   ImageMagick has NULL Pointer Dereference in ClonePixelCacheRepository via crafted image
History

Thu, 26 Feb 2026 17:15:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 24 Feb 2026 19:00:00 +0000

Type      Values Removed   Values Added
CPEs                       cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*

Tue, 24 Feb 2026 12:15:00 +0000

Type         Values Removed          Values Added
References
Metrics      threat_severity: None   threat_severity: Moderate

Tue, 24 Feb 2026 10:00:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Imagemagick; Imagemagick imagemagick
Vendors & Products                     Imagemagick; Imagemagick imagemagick

Tue, 24 Feb 2026 01:15:00 +0000

Type          Values Removed   Values Added
Description                    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted image file, resulting in denial of service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
Title                          ImageMagick has NULL Pointer Dereference in ClonePixelCacheRepository via crafted image
Weaknesses                     CWE-476
References
Metrics                        cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-26T15:21:20.797Z

Reserved: 2026-02-05T19:58:01.640Z

Link: CVE-2026-25798

Vulnrichment

Updated: 2026-02-26T15:21:15.256Z

NVD

Status: Analyzed

Published: 2026-02-24T01:16:14.603

Modified: 2026-02-24T18:45:31.173

Link: CVE-2026-25798

Redhat

Severity: Moderate

Public Date: 2026-02-24T01:02:30Z

Links: CVE-2026-25798 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-18T11:15:35Z

Weaknesses