PT-2025-54204 · Unknown+1 · Imagemagick+1

Ylwango613

Published

2025-01-01

Updated

2026-01-28

CVE-2025-68950

CVSS v3.1

6.2

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-12

Description ImageMagick, software used for editing and manipulating digital images, contains a flaw where it does not properly check for circular references between two MVGs. This can lead to a stack overflow, resulting in a denial-of-service (DoS) condition. Any situation allowing the reading of an mvg file is susceptible to this issue.

Recommendations Update to version 7.1.2-12 or later.

Exploit

Fix

DoS

Uncontrolled Recursion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-674

Related Identifiers

BDU:2026-03168

CVE-2025-68950

DLA-4429-1

ECHO-7ABF-6014-4F67

GHSA-7RVH-XQP3-PR8J

OESA-2026-1033

OESA-2026-1034

OESA-2026-1035

OESA-2026-1036

OESA-2026-1037

OESA-2026-1038

OESA-2026-1051

OPENSUSE-SU-2026:10012-1

OPENSUSE-SU-2026:20118-1

SUSE-SU-2026:0061-1

SUSE-SU-2026:0072-1

SUSE-SU-2026:0073-1

SUSE-SU-2026:20183-1

Affected Products

Debian

Imagemagick

PT-2025-54204 · Unknown+1 · Imagemagick+1

CVE-2025-68950

Weakness Enumeration

Related Identifiers

Affected Products

References · 58