CVE-2026-56375 PUBLISHED

ImageMagick - Memory Leak in ASHLAR Coder Action Failure

Assigner: VulnCheck
Reserved: 21.06.2026 Published: 15.07.2026 Updated: 15.07.2026

ImageMagick through 7.1.2-18 contains a memory leak vulnerability in the ASHLAR coder when an action fails. Attackers can trigger failed actions to exhaust memory resources and cause denial of service.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
CVSS Score: 4.8

Product Status

Vendor ImageMagick
Product ImageMagick
Versions Default: unaffected
  • affected from 0 to 7.1.2-18 (incl.)

Credits

  • unbengable12 reporter

References

Problem Types

  • Missing Release of Memory after Effective Lifetime CWE