CVE-2026-27799
Heap Buffer Over-Read in ImageMagick DJVU Handler Causes Memory Disclosure
Publication date: 2026-02-26
Last updated on: 2026-02-27
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| imagemagick | imagemagick | to 6.9.13-40 (exc) |
| imagemagick | imagemagick | From 7.0.0-0 (inc) to 7.1.2-15 (exc) |
| dlemstra | magick.net | to 14.10.3 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-126 | The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. |
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
Can you explain this vulnerability to me?
CVE-2026-27799 is a heap buffer over-read vulnerability in the DJVU image format handler of ImageMagick, a software used for editing and manipulating digital images.
The vulnerability occurs because of integer truncation when calculating the stride (row size) for pixel buffer allocation. Specifically, the stride calculation overflows a 32-bit signed integer, which causes out-of-bounds memory reads on the heap.
This issue was fixed by changing the data type of the stride variable from a signed integer to an unsigned size type (size_t) to prevent overflow and ensure correct memory allocation.
How can this vulnerability impact me? :
This vulnerability can lead to out-of-bounds memory reads, which may cause memory corruption or crashes when processing DjVu images with vulnerable versions of ImageMagick.
The impact on a system includes potential low-level integrity and availability issues, such as unexpected behavior or denial of service, but it does not affect confidentiality.
Exploitation requires local access and is complex, but no privileges or user interaction are needed.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the CVE-2026-27799 vulnerability in ImageMagick, you should upgrade ImageMagick to version 7.1.2-15 or later, or 6.9.13-40 or later, as these versions contain the patch that fixes the heap buffer over-read issue in the DJVU image format handler.
The patch corrects the integer overflow by changing the data type of the stride variable from a signed int to size_t, preventing out-of-bounds memory reads during pixel buffer allocation.