CVE-2026-25798
NULL Pointer Dereference in ImageMagick Causes Remote DoS
Publication date: 2026-02-24
Last updated on: 2026-02-24
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| imagemagick | imagemagick | to 6.9.13-40 (exc) |
| imagemagick | imagemagick | From 7.0.0-0 (inc) to 7.1.2-15 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-25798 is a moderate severity vulnerability in ImageMagick, a software used for editing and manipulating digital images. The vulnerability is a NULL pointer dereference in the function ClonePixelCacheRepository, which can be triggered by processing a specially crafted image file.
This flaw allows a remote attacker to crash any application linked against ImageMagick without requiring any privileges or user interaction, resulting in a denial of service.
The issue occurs in the MagickCore/cache.c source file, specifically around line 753 in ClonePixelCacheRepository, and is related to other functions like OpenPixelCache, GetImagePixelCache, SyncImagePixelCache, and SetImageExtent.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing a remote attacker to cause a denial of service (DoS) on any application that uses ImageMagick by supplying a crafted image file.
The attacker does not need any privileges or user interaction to exploit this flaw, making it easier to trigger a crash and disrupt availability of the affected application.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by testing whether applications linked against vulnerable versions of ImageMagick crash when processing specially crafted image files that trigger a NULL pointer dereference in the ClonePixelCacheRepository function.'}, {'type': 'paragraph', 'content': 'One practical approach is to use a crafted image file known to exploit this flaw and observe if the application crashes or generates an AddressSanitizer report indicating a NULL pointer dereference.'}, {'type': 'paragraph', 'content': "Specific commands are not provided in the available resources, but generally, you can test ImageMagick command-line tools (like 'magick' or 'convert') by attempting to process the crafted image file and monitoring for crashes or error messages."}] [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade ImageMagick to a patched version, specifically version 7.1.2-15 or later, or 6.9.13-40 or later, where this NULL pointer dereference vulnerability has been fixed.
Until the upgrade can be applied, avoid processing untrusted or specially crafted image files that could trigger the vulnerability and cause denial of service.