PT-2026-57444 · Imagemagick · Imagemagick
Rexpository
·
Published
2026-07-11
·
Updated
2026-07-11
·
CVE-2026-61857
CVSS v3.1
3.7
Low
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L |
ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger the vulnerability and cause application crashes.
Fix
Unchecked Return Value
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Imagemagick