CVE-2026-28493
Received Received - Intake
Integer Overflow in ImageMagick SIXEL Decoder Causes OOB Access

Publication date: 2026-03-10

Last updated on: 2026-03-12

Assigner: GitHub, Inc.

Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to perform an out of bounds via a specially crafted image. This vulnerability is fixed in 7.1.2-16.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-10
Last Modified
2026-03-12
Generated
2026-06-16
AI Q&A
2026-03-10
EPSS Evaluated
2026-06-15
NVD
CVE-2026-28493
EUVD
EUVD-2026-10371
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
imagemagick imagemagick to 7.1.2-16 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-190 The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-28493 is an integer overflow vulnerability in the SIXEL decoder component of ImageMagick versions prior to 7.1.2-16.

This flaw allows an attacker to trigger an out-of-bounds write by supplying a specially crafted image, potentially leading to memory corruption.

The vulnerability arises because the decoder performs calculations that can overflow an integer variable, causing it to wrap around to a smaller or negative value, which is then used improperly in memory operations.

The underlying weakness is classified under CWE-190 (Integer Overflow or Wraparound), where calculations assume values will not exceed the maximum representable integer, leading to erroneous behavior when this assumption is violated.

Impact Analysis

This vulnerability can lead to memory corruption through an out-of-bounds write, which may cause disruption or denial of service.

The impact on confidentiality is none, but it has a low impact on integrity and a high impact on availability.

An attacker can exploit this vulnerability remotely over the network without requiring privileges or user interaction, although the attack complexity is high.

Compliance Impact

I don't know

Detection Guidance

This vulnerability affects ImageMagick versions prior to 7.1.2-16, specifically in the SIXEL decoder component. To detect if your system is vulnerable, you should first check the installed version of ImageMagick.

  • Run the command `magick -version` or `convert -version` to determine the installed ImageMagick version.
  • If the version is older than 7.1.2-16, your system is vulnerable.

There are no specific network detection commands or signatures provided for this vulnerability, as it requires a specially crafted image to trigger the issue. Monitoring for unusual crashes or memory corruption in ImageMagick processes when processing SIXEL images may help identify exploitation attempts.

Mitigation Strategies

The primary mitigation step is to upgrade ImageMagick to version 7.1.2-16 or later, where this integer overflow vulnerability in the SIXEL decoder has been fixed.

  • Update ImageMagick to version 7.1.2-16 or newer.
  • If upgrading immediately is not possible, consider disabling or restricting processing of SIXEL images to prevent exploitation.
  • Monitor ImageMagick processes for crashes or abnormal behavior that could indicate exploitation attempts.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-28493. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart