Description
ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service.
Published: 2026-06-24
Score: 6.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

ImageMagick versions earlier than 7.1.2‑15 contain a memory leak in coders that handle raw pixel data. The bug occurs because allocated objects are not freed, which is a classic example of CWE‑401 (Memory Leak). When the software processes multiple images, the memory usage grows continually, leading to exhaustion. This results in a denial‑of‑service condition where the affected system can become unresponsive or crash.

Affected Systems

The flaw affects all deployments of ImageMagick invoking raw pixel coders, including the popular ImageMagick 7 series. All releases prior to 7.1.2‑15 are vulnerable. Users running earlier or unsupported versions are at risk.

Risk and Exploitability

The CVSS score of 6.3 indicates moderate severity, and the EPSS score is unavailable, suggesting limited public exploitation data. The vulnerability is not listed in the CISA KEV catalog. Attackers can trigger the leak by providing crafted image files to the vulnerable ImageMagick instance. Successful exploitation drains system memory and can culminate in service interruption, especially in high‑image‑processing environments.

Generated by OpenCVE AI on June 24, 2026 at 14:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade all ImageMagick installations to version 7.1.2‑15 or newer.
  • Restrict access to untrusted image processing or run ImageMagick within a sandboxed environment to prevent memory exhaustion from affecting the host.
  • Implement resource limits or set memory quotas for ImageMagick processes and monitor memory usage to detect abnormal consumption early.

Generated by OpenCVE AI on June 24, 2026 at 14:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-wfx3-6g53-9fgc ImageMagick: Memory Leak in multiple coders that write raw pixel data
History

Wed, 24 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 24 Jun 2026 12:00:00 +0000

Type Values Removed Values Added
Description ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service.
Title ImageMagick - Memory Leak in Raw Pixel Data Coders
First Time appeared Imagemagick
Imagemagick imagemagick
Weaknesses CWE-401
CPEs cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
Vendors & Products Imagemagick
Imagemagick imagemagick
References
Metrics cvssV3_1

{'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L'}

cvssV4_0

{'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

Imagemagick Imagemagick
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-24T13:40:10.781Z

Reserved: 2026-06-21T02:05:21.920Z

Link: CVE-2026-56368

cve-icon Vulnrichment

Updated: 2026-06-24T13:38:00.765Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T17:00:13Z

Weaknesses
  • CWE-401

    Missing Release of Memory after Effective Lifetime