CVE-2026-25982
Received Received - Intake
Heap Out-of-Bounds Read in ImageMagick DICOM Decoder Causes DoS

Publication date: 2026-02-24

Last updated on: 2026-02-25

Assigner: GitHub, Inc.

Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap out-of-bounds read vulnerability exists in the `coders/dcm.c` module. When processing DICOM files with a specific configuration, the decoder loop incorrectly reads bytes per iteration. This causes the function to read past the end of the allocated buffer, potentially leading to a Denial of Service (crash) or Information Disclosure (leaking heap memory into the image). Versions 7.1.2-15 and 6.9.13-40 contain a patch.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-24
Last Modified
2026-02-25
Generated
2026-05-27
AI Q&A
2026-02-24
EPSS Evaluated
2026-05-25
NVD
CVE-2026-25982
EUVD
EUVD-2026-7425
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
imagemagick imagemagick to 6.9.13-40 (exc)
imagemagick imagemagick From 7.0.0-0 (inc) to 7.1.2-15 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade ImageMagick to version 7.1.2-15 or later, or 6.9.13-40 or later, where the vulnerability has been patched.

Additionally, avoid processing untrusted or malformed DICOM files until the update is applied to prevent potential Denial of Service or Information Disclosure.


Can you explain this vulnerability to me?

CVE-2026-25982 is a moderate severity vulnerability in the ImageMagick software, specifically in the coders/dcm.c module that handles decoding of DICOM files.

The issue occurs when the decoder loop processes DICOM files with certain configurations and incorrectly reads bytes per iteration, causing it to read beyond the allocated heap buffer boundary.

This out-of-bounds read can lead to a Denial of Service (application crash) or Information Disclosure by leaking heap memory into the processed image.

The vulnerability affects ImageMagick versions prior to 7.1.2-15 and 6.9.13-40, which contain patches to fix this issue.


How can this vulnerability impact me? :

This vulnerability can impact you by causing a Denial of Service, where the ImageMagick application crashes when processing specially crafted DICOM files.

Additionally, it can lead to Information Disclosure by leaking heap memory contents into the processed image, potentially exposing sensitive data.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability exists in ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 when processing DICOM files. Detection involves identifying if vulnerable versions of ImageMagick are installed and if DICOM files are being processed.

You can check the installed ImageMagick version with the command:

  • magick -version

To detect attempts to exploit this vulnerability, monitor logs or network traffic for unusual crashes or errors related to ImageMagick processing DICOM files.

No specific detection commands or signatures are provided in the available resources.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart