Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
ImageMagick: Large Image Can Crash Software
CVE-2026-30883
GHSA-qmw5-2p58-xvrc
GHSA-qmw5-2p58-xvrc
Summary
Old versions of ImageMagick can crash when handling very large images. This can cause the program to stop working and may allow an attacker to exploit it. Update to the latest version to fix this issue.
What to do
- Update magick.net-q16-anycpu to version 14.10.4.
- Update magick.net-q16-hdri-anycpu to version 14.10.4.
- Update magick.net-q16-hdri-openmp-arm64 to version 14.10.4.
- Update magick.net-q16-hdri-openmp-x64 to version 14.10.4.
- Update magick.net-q16-hdri-arm64 to version 14.10.4.
- Update magick.net-q16-hdri-x64 to version 14.10.4.
- Update magick.net-q16-hdri-x86 to version 14.10.4.
- Update magick.net-q16-openmp-arm64 to version 14.10.4.
- Update magick.net-q16-openmp-x64 to version 14.10.4.
- Update magick.net-q16-openmp-x86 to version 14.10.4.
- Update magick.net-q16-arm64 to version 14.10.4.
- Update magick.net-q16-x64 to version 14.10.4.
- Update magick.net-q16-x86 to version 14.10.4.
- Update magick.net-q8-anycpu to version 14.10.4.
- Update magick.net-q8-openmp-arm64 to version 14.10.4.
- Update magick.net-q8-openmp-x64 to version 14.10.4.
- Update magick.net-q8-arm64 to version 14.10.4.
- Update magick.net-q8-x64 to version 14.10.4.
- Update magick.net-q8-x86 to version 14.10.4.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | magick.net-q16-anycpu | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-hdri-anycpu | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-hdri-openmp-arm64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-hdri-openmp-x64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-hdri-arm64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-hdri-x64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-hdri-x86 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-openmp-arm64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-openmp-x64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-openmp-x86 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-arm64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-x64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q16-x86 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q8-anycpu | <= 14.10.4 | 14.10.4 |
| – | magick.net-q8-openmp-arm64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q8-openmp-x64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q8-arm64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q8-x64 | <= 14.10.4 | 14.10.4 |
| – | magick.net-q8-x86 | <= 14.10.4 | 14.10.4 |
| imagemagick | imagemagick | <= 6.9.13-41 | – |
| imagemagick | imagemagick | > 7.0.0-0 , <= 7.1.2-16 | – |
Original title
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap over...
Original description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap overflow when encoding a PNG image. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.
nvd CVSS3.1
5.7
Vulnerability type
CWE-119
Buffer Overflow
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026