CVE-2026-25985
Received Received - Intake
Out-of-Memory Vulnerability in ImageMagick via Malicious SVG

Publication date: 2026-02-24

Last updated on: 2026-02-25

Assigner: GitHub, Inc.

Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate ~674 GB of memory, leading to an out-of-memory abort. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-24
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-24
EPSS Evaluated
2026-06-14
NVD
CVE-2026-25985
EUVD
EUVD-2026-7423
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
imagemagick imagemagick to 6.9.13-40 (exc)
imagemagick imagemagick From 7.0.0-0 (inc) to 7.1.2-15 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-789 The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2026-25985 is a high-severity vulnerability in ImageMagick's internal SVG decoder that affects versions prior to 7.1.2-15 and 6.9.13-40."}, {'type': 'paragraph', 'content': 'The vulnerability occurs because ImageMagick improperly handles memory allocation when processing specially crafted SVG files containing malicious elements.'}, {'type': 'paragraph', 'content': 'Specifically, an attacker can cause ImageMagick to attempt to allocate approximately 674 GB of memory without any limits, which leads to an out-of-memory abort.'}, {'type': 'paragraph', 'content': 'This results in denial of service by crashing the application or system.'}, {'type': 'paragraph', 'content': 'The issue is classified under CWE-770 (Allocation of Resources Without Limits or Throttling) and CWE-789 (Memory Allocation with Excessive Size Value).'}] [1]

Impact Analysis

This vulnerability can cause a denial of service by exhausting system memory when ImageMagick processes a malicious SVG file.

An attacker can remotely exploit this issue without any privileges or user interaction.

The excessive memory allocation attempt (around 674 GB) can crash the ImageMagick application or potentially the entire system, leading to service outages or disruptions.

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by monitoring for crashes or out-of-memory aborts in ImageMagick when processing SVG files, especially those that are crafted or suspicious.

Since the vulnerability arises from processing malicious SVG files, one detection approach is to identify usage of vulnerable ImageMagick versions (prior to 7.1.2-15 and 6.9.13-40) and monitor logs or application crashes related to SVG file handling.

No specific detection commands are provided in the available resources.

Mitigation Strategies

The immediate mitigation step is to upgrade ImageMagick to the patched versions 7.1.2-15 or 6.9.13-40, which contain fixes for this vulnerability.

Until the upgrade can be applied, avoid processing untrusted or suspicious SVG files with vulnerable versions of ImageMagick to prevent denial of service due to excessive memory allocation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-25985. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart