CVE-2026-28494
Received Received - Intake
Stack Buffer Overflow in ImageMagick Morphology Kernel Parsing

Publication date: 2026-03-10

Last updated on: 2026-03-12

Assigner: GitHub, Inc.

Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-size stack buffers via memcpy without bounds checking, resulting in stack corruption. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-10
Last Modified
2026-03-12
Generated
2026-05-07
AI Q&A
2026-03-10
EPSS Evaluated
2026-05-05
NVD
CVE-2026-28494
EUVD
EUVD-2026-10373
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
imagemagick imagemagick to 6.9.13-41 (exc)
imagemagick imagemagick From 7.0.0-0 (inc) to 7.1.2-16 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

[{'type': 'paragraph', 'content': "CVE-2026-28494 is a high-severity stack buffer overflow vulnerability found in ImageMagick's morphology kernel parsing functions. It occurs when user-controlled kernel strings, such as long morphology kernel names or arrays, exceed the size of fixed-size stack buffers. These strings are copied into stack buffers using memcpy without proper bounds checking, which leads to stack corruption."}, {'type': 'paragraph', 'content': 'This vulnerability is classified as CWE-121 (Stack-based Buffer Overflow) and affects versions of ImageMagick prior to 7.1.2-16 and 6.9.13-41.'}] [1]


How can this vulnerability impact me? :

The vulnerability can impact you by allowing an attacker to cause stack corruption, which can lead to modification of data or disruption of service integrity and availability.

According to the CVSS v3.1 score of 7.1, the attack requires local access and user interaction but no privileges, and it has a high impact on integrity and availability, though no impact on confidentiality.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should upgrade ImageMagick to a patched version that addresses the stack buffer overflow issue.

  • Upgrade to ImageMagick version 7.1.2-16 or later.
  • Alternatively, upgrade to ImageMagick version 6.9.13-41 or later if using the 6.x branch.

Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart