CVE-2026-25968 - Vulnerability Details

- ImageMagick has MSL attribute stack buffer overflow that leads to out of bounds write.

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Published: 2026-02-24

Score: 7.4 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A stack buffer overflow occurs when processing the MSL attribute in ImageMagick's msl.c file. A crafted long value overflows a fixed‑size stack buffer, corrupting adjacent memory and potentially allowing an attacker to execute arbitrary code. The vulnerability is classified as buffer overflow (CWE‑120, CWE‑121, CWE‑787).

Affected Systems

ImageMagick products prior to version 7.1.2‑15 and 6.9.13‑40 are affected. Upgrade to these releases or newer to prevent the flaw. The vulnerable code is part of the ImageMagick image processing engine.

Risk and Exploitability

The CVSS score is 7.4, indicating a high severity. EPSS is very low (<1%), suggesting that widespread exploitation is unlikely at this time. The vulnerability is not listed in CISA’s KEV catalog. An attacker would need to submit a malicious image containing a specially crafted MSL attribute; successful exploitation would lead to memory corruption and possible remote code execution. Users with the aforementioned workload should therefore patch promptly.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

ImageMagick

affected

Version	Status	Constraints
`>= 7.0.0, < 7.1.2-15`	affected	—
`< 6.9.13-40`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:imagemagick:imagemagick::::::::
	cpe:2.3:a:imagemagick:imagemagick::::::::

No data.

Vendor Product Confidence Versions

Imagemagick

100%

Version	Status	Scheme	Platform
`[7.0.0,7.1.2-15)`	affected	semver	—
`[0,6.9.13-40)`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade ImageMagick to version 7.1.2‑15 or 6.9.13‑40 and newer.
Restrict file permissions so that only trusted administrators can execute ImageMagick binaries on untrusted systems.
Enable monitoring or logging to detect anomalous image processing activity that may indicate exploitation attempts.

Generated by OpenCVE AI on April 17, 2026 at 15:59 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DLA	DLA-4497-1	imagemagick security update
Debian DSA	DSA-6158-1	imagemagick security update
Debian DSA	DSA-6159-1	imagemagick security update
Github GHSA	GHSA-3mwp-xqp2-q6ph	ImageMagick: MSL attribute stack buffer overflow leads to out of bounds write.
Ubuntu USN	USN-8069-1	ImageMagick vulnerabilities

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00061.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3mwp-xqp2-q6ph
https://nvd.nist.gov/vuln/detail/CVE-2026-25968
https://www.cve.org/CVERecord?id=CVE-2026-25968

History

Wed, 25 Feb 2026 12:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-787
CPEs		cpe:2.3:a:imagemagick:imagemagick::::::::

Tue, 24 Feb 2026 12:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-120
References		https://nvd.nist.gov/vuln/detail/CVE-2026-25968 https://www.cve.org/CVERecord?id=CVE-2026-25968
Metrics	threat_severity `None`	threat_severity `Moderate`

Tue, 24 Feb 2026 10:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Imagemagick Imagemagick imagemagick
Vendors & Products		Imagemagick Imagemagick imagemagick

Tue, 24 Feb 2026 02:00:00 +0000

Type	Values Removed	Values Added
Description		ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
Title		ImageMagick has MSL attribute stack buffer overflow that leads to out of bounds write.
Weaknesses		CWE-121
References		https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3mwp-xqp2-q6ph
Metrics		cvssV3_1 `{'score': 7.4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H'}`

Subscriptions

Imagemagick Imagemagick

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-02-24T01:30:58.881Z

Updated: 2026-02-26T21:33:39.723Z

Reserved: 2026-02-09T17:13:54.067Z

Link: CVE-2026-25968

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2026-02-24T02:16:01.647

Modified: 2026-02-25T11:58:14.647

Link: CVE-2026-25968

Redhat

Severity : Moderate

Publid Date: 2026-02-24T01:30:58Z

Links: CVE-2026-25968 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-17T16:00:11Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object