CVE-2026-28690
Stack Buffer Overflow in ImageMagick MNG Encoder
Publication date: 2026-03-10
Last updated on: 2026-03-11
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| imagemagick | imagemagick | to 6.9.13-41 (exc) |
| imagemagick | imagemagick | From 7.0.0-0 (inc) to 7.1.2-16 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker with local access to cause stack corruption through crafted image files.
The consequences include potential high integrity and availability impacts, meaning the attacker could alter data or cause the application to crash or become unavailable.
Since the attack vector is local and requires high complexity, exploitation is not trivial but does not require privileges or user interaction.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
Can you explain this vulnerability to me?
CVE-2026-28690 is a stack-based buffer overflow vulnerability found in the MNG encoder component of ImageMagick, a software used for editing and manipulating digital images.
The vulnerability exists because of missing bounds checks, which allows attacker-controlled data to overwrite the stack memory, potentially causing corruption.
This flaw can lead to unexpected behavior or crashes when processing specially crafted image files.
It affects versions of ImageMagick prior to 7.1.2-16 and 6.9.13-41, and has been fixed in these versions.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a stack-based buffer overflow in the MNG encoder component of ImageMagick, which occurs due to missing bounds checks. Detection typically involves verifying the installed ImageMagick version to see if it is prior to the patched versions 7.1.2-16 or 6.9.13-41.
You can detect the vulnerability by checking the ImageMagick version installed on your system using the following command:
- magick --version
If the version is older than 7.1.2-16 or 6.9.13-41, your system is vulnerable. Additionally, monitoring for crashes or abnormal behavior when processing MNG images could indicate exploitation attempts, but no specific detection commands or network signatures are provided.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade ImageMagick to a fixed version. Specifically, update to version 7.1.2-16 or later, or 6.9.13-41 or later, where this stack buffer overflow vulnerability in the MNG encoder has been addressed.
Until the update can be applied, avoid processing untrusted or malicious MNG image files with vulnerable versions of ImageMagick to reduce the risk of exploitation.