{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25969", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-09T17:13:54.067Z", "datePublished": "2026-02-24T01:33:00.362Z", "dateUpdated": "2026-02-26T21:33:39.566Z"}, "containers": {"cna": {"title": "ImageMagick has Memory Leak in coders/ashlar.c", "problemTypes": [{"descriptions": [{"cweId": "CWE-401", "lang": "en", "description": "CWE-401: Missing Release of Memory after Effective Lifetime", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xgm3-v4r9-wfgm", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xgm3-v4r9-wfgm"}], "affected": [{"vendor": "ImageMagick", "product": "ImageMagick", "versions": [{"version": "< 7.1.2-15", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-24T01:33:00.362Z"}, "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak exists in `coders/ashlar.c`. The `WriteASHLARImage` allocates a structure. However, when an exception is thrown, the allocated memory is not properly released, resulting in a potential memory leak. Version 7.1.2-15 contains a patch."}], "source": {"advisory": "GHSA-xgm3-v4r9-wfgm", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25969", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-26T21:02:14.531744Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T21:33:39.566Z"}}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "matchCriteriaId": "B89F5759-9F8D-4C89-8D35-0FCE2AE715A4", "versionEndExcluding": "7.1.2-15", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak exists in `coders/ashlar.c`. The `WriteASHLARImage` allocates a structure. However, when an exception is thrown, the allocated memory is not properly released, resulting in a potential memory leak. Version 7.1.2-15 contains a patch."}, {"lang": "es", "value": "ImageMagick es un software libre y de c\u00f3digo abierto utilizado para editar y manipular im\u00e1genes digitales. Antes de la versi\u00f3n 7.1.2-15, existe una fuga de memoria en `coders/ashlar.c`. La `WriteASHLARImage` asigna una estructura. Sin embargo, cuando se lanza una excepci\u00f3n, la memoria asignada no se libera correctamente, lo que resulta en una posible fuga de memoria. La versi\u00f3n 7.1.2-15 contiene un parche."}], "id": "CVE-2026-25969", "lastModified": "2026-02-25T11:57:35.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-24T02:16:01.807", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xgm3-v4r9-wfgm"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "ImageMagick: ImageMagick: Memory leak leading to denial of service via image processing", "id": "2442116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442116"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-772", "details": ["A flaw was found in ImageMagick, a software used for editing and manipulating digital images. This vulnerability, a memory leak, occurs when the software processes certain image files. Specifically, during image writing operations, if an error occurs, allocated memory is not properly released. A remote attacker could exploit this by providing a specially crafted image, leading to resource exhaustion and a denial of service (DoS), making the system or application unavailable to legitimate users."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-25969", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2026-02-24T01:33:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-25969\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-25969\nhttps://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xgm3-v4r9-wfgm"], "statement": "The ImageMagick package in Red Hat Enterprise Linux 6 ELS and 7 ELS is affected by a MODERATE impact memory leak vulnerability. This flaw occurs when processing ASHLAR image files due to improper memory release during exception handling. Exploitation could lead to increased memory consumption.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,7.1.2-15)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "ImageMagick", "source": "cna", "vendor": "ImageMagick"}, "product": "imagemagick", "vendor": "imagemagick"}], "analysis": {"en": {"generated_at": "2026-04-17T15:59:19.412898+00:00", "value": {"mitigation_remediation": ["Upgrade the ImageMagick installation to version 7.1.2-15 or later, which contains the fix that correctly frees allocated memory on exception.", "If an immediate upgrade is not possible, apply the corrective patch or instructions provided in the vendor advisory to ensure memory is released when exceptions occur.", "After applying the patch or upgrade, monitor system memory usage and restart affected services if abnormal memory growth is observed, until the fix is fully validated."], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "ImageMagick releases prior to version 7.1.2-15 are affected. The flaw is present in the main ImageMagick library used for image conversion tasks. The associated CPE string matches the ImageMagick software, indicating all installed instances of the library before the patch are vulnerable.", "description_and_impact": "The vulnerability arises from a memory leak in ImageMagick\u2019s ashlar coder when the WriteASHLARImage routine allocates resources that are not freed if an exception occurs. Although the flaw does not grant direct code execution, repeated or repeated processing of crafted images can consume system memory, potentially exhausting available resources and causing application or system downtime.", "risk_and_exploitability": "With a CVSS score of 5.3 and an EPSS below 1%, the probability of exploitation is low, and the flaw is not currently listed in the CISA\u2011KEV catalog. If an attacker can supply images that trigger the exception path, the memory leak could gradually consume system resources. The attack vector is inferred to be local or remote image\u2011processing requests, depending on how the ImageMagick binary is exposed. The lack of an immediate exploit makes this a medium\u2011risk issue primarily of resource exhaustion rather than a high\u2011severity security breach."}}}}, "created": "2026-02-24T09:53:52.501260+00:00", "updated": "2026-04-17T16:00:11.391426+00:00", "vendors": ["imagemagick", "imagemagick$PRODUCT$imagemagick"]}