Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
ImageMagick allows malicious images to crash or harm systems
DEBIAN-CVE-2026-25897
Summary
Old versions of ImageMagick software can crash or be exploited by certain types of images. This affects systems that use these older versions, which can cause instability or allow an attacker to take control. Update to version 7.1.2-15 or 6.9.13-40 to fix the issue.
What to do
- Update debian imagemagick to version 8:7.1.1.43+dfsg1-1+deb13u6.
- Update debian imagemagick to version 8:7.1.2.15+dfsg1-1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| debian | imagemagick | All versions | – |
| debian | imagemagick | All versions | – |
| debian | imagemagick | <= 8:7.1.1.43+dfsg1-1+deb13u6 | 8:7.1.1.43+dfsg1-1+deb13u6 |
| debian | imagemagick | <= 8:7.1.2.15+dfsg1-1 | 8:7.1.2.15+dfsg1-1 |
Original title
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, an Integer Overflow vulnerability exists in the sun decoder....
Original description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, an Integer Overflow vulnerability exists in the sun decoder. On 32-bit systems/builds, a carefully crafted image can lead to an out of bounds heap write. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
osv CVSS3.1
9.8
- https://security-tracker.debian.org/tracker/CVE-2026-25897 Vendor Advisory
Published: 24 Feb 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026