CVE-2026-26283
EUVD-2026-741424.02.2026, 03:16
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a `continue` statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger a 100% CPU consumption and process hang (Denial of Service) with a crafted image. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| imagemagick | imagemagick | 𝑥 < 6.9.13-40 |
| imagemagick | imagemagick | 7.0.0-0 ≤ 𝑥 < 7.1.2-15 |
𝑥
= Vulnerable software versions
openSUSE / SLES Releases
openSUSE Product | |||||||
|---|---|---|---|---|---|---|---|
| ImageMagick |
| ||||||
| ImageMagick-config-7-SUSE |
| ||||||
| ImageMagick-config-7-upstream-limited |
| ||||||
| ImageMagick-config-7-upstream-open |
| ||||||
| ImageMagick-config-7-upstream-secure |
| ||||||
| ImageMagick-config-7-upstream-websafe |
| ||||||
| ImageMagick-devel |
| ||||||
| libMagick++-7_Q16HDRI5 |
| ||||||
| libMagick++-devel |
| ||||||
| libMagickCore-7_Q16HDRI10 |
| ||||||
| libMagickWand-7_Q16HDRI10 |
|
Amazon Linux Releases
Amazon Package | |||||
|---|---|---|---|---|---|
| ImageMagick |
| ||||
| ImageMagick-c++ |
| ||||
| ImageMagick-c++-debuginfo |
| ||||
| ImageMagick-c++-devel |
| ||||
| ImageMagick-debuginfo |
| ||||
| ImageMagick-debugsource |
| ||||
| ImageMagick-devel |
| ||||
| ImageMagick-doc |
| ||||
| ImageMagick-libs |
| ||||
| ImageMagick-libs-debuginfo |
| ||||
| ImageMagick-perl |
| ||||
| ImageMagick-perl-debuginfo |
|
Common Weakness Enumeration