Threat Intel

v0.1

← CVEs

CVE-2026-25898

MED 6.5
Published
2026-02-24
Last Modified
2026-02-25
Affected Apps
13
Affected Devices
49
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index value returned by `GetPixelIndex()` before using it as an array subscript. In HDRI builds, `Quantum` is a floating-point type, so pixel index values can be negative. An attacker can craft an image with negative pixel index values to trigger a global buffer overflow read during conversion, leading to information disclosure or a process crash. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
Affected Applications in Environment 13
ImageMagick v7.1.1-32
1 device
ImageMagick v6.9.10.68-6.el7_9
1 device
ImageMagick v7.1.2-13
1 device
ImageMagick v0:6.9.13.25-1.el8
1 device
ImageMagick v7.0.5
1 device
imagemagick v8:6.9.12.98+dfsg1-5.2build2
22 devices
imagemagick v8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5
13 devices
imagemagick v8:6.9.11.60+dfsg-1.6+deb12u4
1 device
imagemagick v8:6.8.9.9-7ubuntu5.16+esm19
1 device
imagemagick v8:6.9.10.23+dfsg-2.1ubuntu11.11
4 devices
imagemagick v8:6.9.11.60+dfsg-1.3+deb11u10
1 device
imagemagick v8:6.9.11.60+dfsg-1.3+deb11u9
1 device
imagemagick v8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm6
1 device
Affected Devices 49
ATWOOD-PD-BSMTH Windows BSTEVENS Windows MILLPRODWEB Windows blakeutil Linux cceredcapweb Linux dpapsb-191594.mypc.usu.edu Linux fw Linux guru.cluster Linux hotcheeto Linux itfinance Linux kcm.usu.edu Linux librenms Linux omekanew Linux owenclarke-OptiPlex-7090 Linux redcapweb Linux starfleetpad Linux storm Linux tsutil.it.usu.edu Linux web-lb01-redirect.usu.edu Linux web-lb02-redirect.usu.edu Linux web-lb03-redirect.usu.edu Linux web02.usu.edu Linux web03.usu.edu Linux web08.usu.edu Linux web09.usu.edu Linux web10 Linux web10-awhc Linux web10-awhc Linux web11.usu.edu Linux web12.usu.edu Linux web13.usu.edu Linux web14.usu.edu Linux web15.usu.edu Linux web16.usu.edu Linux web17 Linux web18 Linux web19.usu.edu Linux web20 Linux web25 Linux web27.usu.edu Linux web29.usu.edu Linux web30.usu.edu Linux web31.usu.edu Linux web32.usu.edu Linux web33.usu.edu Linux web34.usu.edu Linux web35.usu.edu Linux web36.usu.edu Linux web37.usu.edu Linux
References 1