PT-2026-21636 · Unknown+2 · Imagemagick+2

Ylwango613

Published

2026-02-24

Updated

2026-03-12

CVE-2026-25987

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-15 ImageMagick versions prior to 6.9.13-40

Description ImageMagick is software used for editing and manipulating digital images. A heap buffer over-read issue exists in the MAP image decoder when processing specially crafted MAP files. This can lead to crashes or unintended memory disclosure during image decoding.

Recommendations Update ImageMagick to version 7.1.2-15 or later. Update ImageMagick to version 6.9.13-40 or later.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2026-25987

ECHO-60D9-0CDC-8D1E

GHSA-42P5-62QQ-MMH7

OESA-2026-1452

OESA-2026-1453

OESA-2026-1454

OESA-2026-1455

OESA-2026-1456

OESA-2026-1457

OPENSUSE-SU-2026:10267-1

OPENSUSE-SU-2026:20337-1

SUSE-SU-2026:0851-1

SUSE-SU-2026:0852-1

SUSE-SU-2026:0853-1

SUSE-SU-2026:0854-1

USN-8069-1

Affected Products

Imagemagick

Linuxmint

Ubuntu

PT-2026-21636 · Unknown+2 · Imagemagick+2

CVE-2026-25987

Weakness Enumeration

Related Identifiers

Affected Products

References · 153