CVE-2026-27799
Received Received - Intake
Heap Buffer Over-Read in ImageMagick DJVU Handler Causes Memory Disclosure

Publication date: 2026-02-26

Last updated on: 2026-02-27

Assigner: GitHub, Inc.

Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride (row size) for pixel buffer allocation. The stride calculation overflows a 32-bit signed integer, resulting in an out-of-bounds memory reads. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-26
Last Modified
2026-02-27
Generated
2026-06-16
AI Q&A
2026-02-26
EPSS Evaluated
2026-06-14
NVD
CVE-2026-27799
EUVD
EUVD-2026-8772
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
imagemagick imagemagick to 6.9.13-40 (exc)
imagemagick imagemagick From 7.0.0-0 (inc) to 7.1.2-15 (exc)
dlemstra magick.net to 14.10.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
CWE-126 The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-27799 is a heap buffer over-read vulnerability in the DJVU image format handler of ImageMagick, a software used for editing and manipulating digital images.

The vulnerability occurs because of integer truncation when calculating the stride (row size) for pixel buffer allocation. Specifically, the stride calculation overflows a 32-bit signed integer, which causes out-of-bounds memory reads on the heap.

This issue was fixed by changing the data type of the stride variable from a signed integer to an unsigned size type (size_t) to prevent overflow and ensure correct memory allocation.

Compliance Impact

I don't know

Mitigation Strategies

To mitigate the CVE-2026-27799 vulnerability in ImageMagick, you should upgrade ImageMagick to version 7.1.2-15 or later, or 6.9.13-40 or later, as these versions contain the patch that fixes the heap buffer over-read issue in the DJVU image format handler.

The patch corrects the integer overflow by changing the data type of the stride variable from a signed int to size_t, preventing out-of-bounds memory reads during pixel buffer allocation.

Detection Guidance

I don't know

Impact Analysis

This vulnerability can lead to out-of-bounds memory reads, which may cause memory corruption or crashes when processing DjVu images with vulnerable versions of ImageMagick.

The impact on a system includes potential low-level integrity and availability issues, such as unexpected behavior or denial of service, but it does not affect confidentiality.

Exploitation requires local access and is complex, but no privileges or user interaction are needed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-27799. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart