CVE-2026-53466
ImageMagick: Heap Buffer Over-Read in XCF decoder due to integer conversion overflow
Published: 7/1/2026
Last updated: 7/1/2026
Reserved: 6/9/2026
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, an integer overflow in the XCF decoder can cause an out-of-bounds read when a crafted image is read, potentially resulting in a crash. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.
CNA assigner: GitHub_M (a0819718-46f1-4df5-94e2-005712e83aaa)
Requested by: n/a
Products affected (1)
| Product | Vendor | Version |
| --- | --- | --- |
| ImageMagick | ImageMagick | < 19.1R1-S3, 19.1R2 |