CVE-2026-53464

Published: Jun 10, 2026Modified: Jun 11, 2026

4.0

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 2.5 / Impact: 1.4

Source: security-advisories@github.com (Secondary)

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25.

Affected (1)

Products: Imagemagick: Imagemagick

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Imagemagick Imagemagick	Before 7.1.2-25

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (1)

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j989-f892-2335

Source: security-advisories@github.com

Vendor Advisory

Timeline

No history available yet.