CVE-2026-25971
Received Received - Intake
Stack Overflow in ImageMagick MSL Handling Causes Crash

Publication date: 2026-02-24

Last updated on: 2026-02-25

Assigner: GitHub, Inc.

Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for circular references between two MSLs, leading to a stack overflow. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-24
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-24
EPSS Evaluated
2026-06-14
NVD
CVE-2026-25971
EUVD
EUVD-2026-7427
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
imagemagick imagemagick to 6.9.13-40 (exc)
imagemagick imagemagick From 7.0.0-0 (inc) to 7.1.2-15 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
CWE-674 The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-25971 is a moderate severity vulnerability in ImageMagick versions prior to 7.1.2-15 and 6.9.13-40. It is caused by a stack overflow in the ProcessMSLScript function when processing Magick Scripting Language (MSL) files.

The issue occurs because ImageMagick fails to detect circular references between two MSL scripts, which leads to uncontrolled recursion during parsing. This recursion consumes excessive stack memory, resulting in a stack overflow.

This vulnerability can be triggered locally without any privileges or user interaction and is classified under CWE-674 (Uncontrolled Recursion).

Impact Analysis

The vulnerability primarily impacts the availability of the ImageMagick application by causing a stack overflow that leads to an application crash.

It does not affect confidentiality or integrity, but an attacker can cause a denial of service by triggering the uncontrolled recursion.

Since the vulnerability can be exploited locally without privileges or user interaction, it poses a risk of service disruption on affected systems.

Compliance Impact

I don't know

Detection Guidance

This vulnerability in ImageMagick can be detected by testing the processing of MSL (Magick Scripting Language) files that contain circular references between two MSL scripts. Since the issue causes a stack overflow due to uncontrolled recursion, monitoring for application crashes or stack exhaustion signals when processing MSL files is an indicator.

There are no specific commands provided in the resources to detect this vulnerability directly on your system or network.

Mitigation Strategies

The immediate mitigation step is to upgrade ImageMagick to versions 7.1.2-15 or 6.9.13-40 or later, as these versions contain patches that properly handle circular references in MSL processing and prevent the stack overflow.

Avoid processing untrusted or malicious MSL files that could trigger the vulnerability until the software is updated.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-25971. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart