Description
ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash.
Published: 2026-06-21
Score: 6.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

ImageMagick before 7.1.2‑15 and 6.9.x before 6.9.13‑40 contains an integer overflow (CWE‑190) in the PSB (PSD v2) RLE decoding path, which triggers a heap out‑of‑bounds read (C on 32‑bit builds. A crafted PSB file can therefore expose sensitive data from the program’s memory or cause a crash, potentially allowing an attacker to learn confidential information.

Affected Systems

The vulnerable products are ImageMagick on all platforms that use the 32‑bit build of the library. Affected releases include every version before 7.1.2‑15 and 6.9.13‑40; upgrading to 7.1.2‑15 or later and 6.9.13‑40 or later eliminates the flaw.

Risk and Exploitability

The CVSS score of 6.3 classifies the vulnerability as medium severity, and it is not listed in the CISA KEV catalog. The EPSS score of < 1% indicates a very low but non‑zero probability of exploitation. Because the flaw is a read‑only memory issue, the impact is limited to information disclosure or a crash. The attack requires the execution of a malicious PSB file. The potential for remote exploitation is inferred based on the need for a malicious file to be processed by an application that accepts untrusted images; however, the description does not explicitly state that remote attack is possible, so such a scenario remains speculative. Overall, the risk is moderate, with no known exploitation evidence beyond the described out‑of‑bounds read.

Generated by OpenCVE AI on June 26, 2026 at 04:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade ImageMagick to 7.1.2‑15 or later, or to 6.9.13‑40 or later
  • If an upgrade is not immediately possible, configure the system to reject or strip PSB files before they reach ImageMagick
  • Implement file‑type validation and upload restrictions to prevent arbitrary PSB files from being processed

Generated by OpenCVE AI on June 26, 2026 at 04:11 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6383-1 imagemagick security update
History

Fri, 26 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-190
References
Metrics threat_severity

None

threat_severity

Moderate


Mon, 22 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 21 Jun 2026 15:00:00 +0000

Type Values Removed Values Added
Description ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash.
Title ImageMagick - Heap Out-of-Bounds Read in PSB RLE Decoding
First Time appeared Imagemagick
Imagemagick imagemagick
Weaknesses CWE-125
CPEs cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
Vendors & Products Imagemagick
Imagemagick imagemagick
References
Metrics cvssV3_1

{'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N'}

cvssV4_0

{'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Imagemagick Imagemagick
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-22T12:18:44.959Z

Reserved: 2026-06-21T02:05:21.920Z

Link: CVE-2026-56367

cve-icon Vulnrichment

Updated: 2026-06-22T12:18:41.121Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-21T13:26:56Z

Links: CVE-2026-56367 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T04:15:11Z

Weaknesses