CVE-2026-23874
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-20

Last updated on: 2026-01-29

Assigner: GitHub, Inc.

Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in MSL (Magick Scripting Language) `<write>` command when writing to MSL format. Version 7.1.2-13 fixes the issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-20
Last Modified
2026-01-29
Generated
2026-06-16
AI Q&A
2026-01-20
EPSS Evaluated
2026-06-15
NVD
CVE-2026-23874
EUVD
EUVD-2026-3588
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
imagemagick imagemagick to 7.1.2-13 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-835 The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a stack overflow in ImageMagick versions prior to 7.1.2-13 caused by infinite recursion in the Magick Scripting Language (MSL) when using the <write> command to write to MSL format. Specifically, if an MSL script references itself directly or indirectly, it triggers repeated calls between functions handling the script parsing and writing, leading to infinite recursion and stack exhaustion, which crashes the application. [1]

Mitigation Strategies

The immediate mitigation step is to upgrade ImageMagick to version 7.1.2-13 or later, where this stack overflow vulnerability in MSL processing is fixed. Additionally, avoid processing untrusted or user-supplied MSL scripts, especially those that use the <write> command or filenames with the "msl:" prefix, to prevent triggering the infinite recursion and stack overflow. [1]

Impact Analysis

The vulnerability can cause a Denial of Service (DoS) by crashing any application that uses ImageMagick to process user-supplied MSL files. It affects availability only, with no impact on confidentiality or integrity. The attack requires local access with low privileges and no user interaction, making it relatively low complexity to exploit. [1]

Detection Guidance

This vulnerability can be detected by checking if your system is running an affected version of ImageMagick prior to 7.1.2-13. Additionally, monitoring for crashes or stack overflow errors related to ImageMagick processing MSL scripts, especially those involving the <write> command or filenames prefixed with "msl:", can indicate exploitation attempts. Since the vulnerability involves infinite recursion in MSL scripts, you can test by running ImageMagick commands that process MSL files with recursive references and observe if a stack overflow or crash occurs. Specific commands are not provided in the resources. [1]

Compliance Impact

This vulnerability causes a denial of service (availability impact) but does not affect confidentiality or integrity. Therefore, it does not directly impact compliance with standards focused on data protection such as GDPR or HIPAA, which primarily concern confidentiality and integrity of data. However, the availability impact could indirectly affect compliance if system availability is a regulatory requirement. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23874. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart