PT-2026-60156 · Imagemagick · Imagemagick
Published
2026-07-15
·
Updated
2026-07-15
·
CVE-2026-61866
CVSS v3.1
2.9
Low
| Vector | AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L |
ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the JNG encoder when a blob cannot be opened. Attackers can trigger the memory leak by providing malformed JNG files that fail blob operations, causing resource exhaustion.
Fix
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Imagemagick