CVE-2026-26983
Use-After-Free Vulnerability in ImageMagick MSL Interpreter Causes Crash
Publication date: 2026-02-24
Last updated on: 2026-02-24
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| imagemagick | imagemagick | to 6.9.13-40 (exc) |
| imagemagick | imagemagick | From 7.0.0-0 (inc) to 7.1.2-15 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-26983 is a moderate severity vulnerability affecting ImageMagick versions prior to 7.1.2-15 and 6.9.13-40. It occurs in the MSL (Magick Scripting Language) interpreter when processing an invalid <map> element. The interpreter crashes due to a use-after-free condition, meaning it tries to use an image object after it has already been freed from memory.
This issue is caused by a NULL pointer dereference (CWE-476), where the software attempts to access a pointer that is expected to be valid but is actually NULL.
How can this vulnerability impact me? :
The vulnerability impacts the availability of the ImageMagick software by causing the MSL interpreter to crash. This can lead to a denial of service (DoS) condition.
There is no impact on confidentiality or integrity, as the vulnerability does not allow unauthorized data access or modification.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability causes the ImageMagick MSL interpreter to crash when processing an invalid <map> element, resulting in a use-after-free condition. Detection can involve monitoring for crashes or denial of service symptoms related to ImageMagick processes.
Since the vulnerability is triggered by processing a crafted MSL script with an invalid <map> element, one detection approach is to test the ImageMagick installation by running MSL scripts containing such elements and observing if the interpreter crashes.
No specific commands or network detection signatures are provided in the available resources.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade ImageMagick to a patched version. Specifically, update to version 7.1.2-15 or later, or 6.9.13-40 or later, which contain fixes for this vulnerability.
Until the upgrade is applied, avoid processing untrusted or potentially malicious MSL scripts that could contain invalid <map> elements to prevent crashes and denial of service.