PT-2026-60152 · Imagemagick · Imagemagick

Bin-Infinite

·

Published

2026-07-15

·

Updated

2026-07-15

·

CVE-2026-61862

CVSS v3.1

2.9

Low

VectorAV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
ImageMagick before 7.1.2-26 and 6.9.13-51 contains an information disclosure vulnerability: when a profile is displayed with the identify command and the profile value is not printable, a single byte at the end of the profile can be printed (read past the profile boundary). This behavior occurs when debug output is enabled.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-61862

Affected Products

Imagemagick