CVE-2026-25967

HIGH

ImageMagick <7.1.2-15 - Buffer Overflow

Title source: llm

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-based buffer overflow exists in the ImageMagick FTXT image reader. A crafted FTXT file can cause out-of-bounds writes on the stack, leading to a crash. Version 7.1.2-15 contains a patch.

References (1)

Scores

CVSS v3 7.4
EPSS 0.0005
EPSS Percentile 16.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

Classification

CWE
CWE-121 CWE-787
Status published

Affected Products (19)

nuget/Magick.NET-Q16-AnyCPU < 14.10.3NuGet
nuget/Magick.NET-Q16-HDRI-AnyCPU < 14.10.3NuGet
nuget/Magick.NET-Q16-HDRI-OpenMP-arm64 < 14.10.3NuGet
nuget/Magick.NET-Q16-HDRI-OpenMP-x64 < 14.10.3NuGet
nuget/Magick.NET-Q16-HDRI-arm64 < 14.10.3NuGet
nuget/Magick.NET-Q16-HDRI-x64 < 14.10.3NuGet
nuget/Magick.NET-Q16-HDRI-x86 < 14.10.3NuGet
nuget/Magick.NET-Q16-OpenMP-arm64 < 14.10.3NuGet
nuget/Magick.NET-Q16-OpenMP-x64 < 14.10.3NuGet
nuget/Magick.NET-Q16-OpenMP-x86 < 14.10.3NuGet
nuget/Magick.NET-Q16-arm64 < 14.10.3NuGet
nuget/Magick.NET-Q16-x64 < 14.10.3NuGet
nuget/Magick.NET-Q16-x86 < 14.10.3NuGet
nuget/Magick.NET-Q8-AnyCPU < 14.10.3NuGet
nuget/Magick.NET-Q8-OpenMP-arm64 < 14.10.3NuGet
... and 4 more

Timeline

Published Feb 24, 2026
Tracked Since Feb 24, 2026