CVE-2026-25971
Received Received - Intake
Stack Overflow in ImageMagick MSL Handling Causes Crash

Publication date: 2026-02-24

Last updated on: 2026-02-25

Assigner: GitHub, Inc.

Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for circular references between two MSLs, leading to a stack overflow. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-24
Last Modified
2026-02-25
Generated
2026-05-06
AI Q&A
2026-02-24
EPSS Evaluated
2026-05-05
NVD
CVE-2026-25971
EUVD
EUVD-2026-7427
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
imagemagick imagemagick to 6.9.13-40 (exc)
imagemagick imagemagick From 7.0.0-0 (inc) to 7.1.2-15 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-674 The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-25971 is a moderate severity vulnerability in ImageMagick versions prior to 7.1.2-15 and 6.9.13-40. It is caused by a stack overflow in the ProcessMSLScript function when processing Magick Scripting Language (MSL) files.

The issue occurs because ImageMagick fails to detect circular references between two MSL scripts, which leads to uncontrolled recursion during parsing. This recursion consumes excessive stack memory, resulting in a stack overflow.

This vulnerability can be triggered locally without any privileges or user interaction and is classified under CWE-674 (Uncontrolled Recursion).


How can this vulnerability impact me? :

The vulnerability primarily impacts the availability of the ImageMagick application by causing a stack overflow that leads to an application crash.

It does not affect confidentiality or integrity, but an attacker can cause a denial of service by triggering the uncontrolled recursion.

Since the vulnerability can be exploited locally without privileges or user interaction, it poses a risk of service disruption on affected systems.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability in ImageMagick can be detected by testing the processing of MSL (Magick Scripting Language) files that contain circular references between two MSL scripts. Since the issue causes a stack overflow due to uncontrolled recursion, monitoring for application crashes or stack exhaustion signals when processing MSL files is an indicator.

There are no specific commands provided in the resources to detect this vulnerability directly on your system or network.


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade ImageMagick to versions 7.1.2-15 or 6.9.13-40 or later, as these versions contain patches that properly handle circular references in MSL processing and prevent the stack overflow.

Avoid processing untrusted or malicious MSL files that could trigger the vulnerability until the software is updated.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart