PT-2026-51784 · Imagemagick · Imagemagick

Ylwango613

Published

2026-06-24

Updated

2026-06-24

CVE-2026-56370

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of service or potential code execution.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2026-56370

Affected Products

Imagemagick

PT-2026-51784 · Imagemagick · Imagemagick

CVE-2026-56370

Weakness Enumeration

Related Identifiers

Affected Products

References · 3