CVE-2026-61464 PUBLISHED

ImageMagick before 7.1.2-26 Heap Buffer Over-Write via X11

Assigner: VulnCheck
Reserved: 09.07.2026 Published: 15.07.2026 Updated: 15.07.2026

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a heap-based buffer over-write vulnerability that occurs when running an X11 import with a crafted window title, which can result in heap memory corruption and denial of service.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
CVSS Score: 1

Product Status

Vendor ImageMagick
Product ImageMagick
Versions Default: unaffected
  • affected from 0 to 7.1.2-26 (excl.)
  • Version 7.1.2-26 is unaffected
Vendor ImageMagick
Product ImageMagick
Versions Default: unaffected
  • affected from 0 to 6.9.13-51 (excl.)
  • Version 6.9.13-51 is unaffected

Credits

  • Kwstubbs reporter

References

Problem Types

  • Heap-based Buffer Overflow CWE