CVE-2026-31853
Status: Received - Intake
Integer Overflow in ImageMagick SFW Decoder Causes Crash

Publication date: 2026-03-11

Last updated on: 2026-03-17

Assigner: GitHub, Inc.

Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, an overflow on 32-bit systems can cause a crash in the SFW decoder when processing extremely large images. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.
Meta Information
Published: 2026-03-11
Last Modified: 2026-03-17
Generated: 2026-06-16
AI Q&A: 2026-03-11
EPSS Evaluated: 2026-06-15
Affected Vendors & Products (2 associated CPEs)
Vendor | Product | Version / Range
imagemagick | imagemagick | up to 6.9.13-41 (excluding)
imagemagick | imagemagick | from 7.0.0-0 (including) up to 7.1.2-16 (excluding)
CWE
CWE-122: A heap overflow condition is a buffer overflow where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Executive Summary

CVE-2026-31853 is a heap-based buffer overflow vulnerability in the SFW decoder component of ImageMagick on 32-bit systems.

This vulnerability occurs when processing extremely large images, causing a buffer allocated on the heap to be overwritten beyond its boundary.

The overflow can lead to a crash of the application.

It affects ImageMagick versions prior to 7.1.2-16 and 6.9.13-41, with patches available in these versions and later.

Impact Analysis

Exploitation of this vulnerability can cause the ImageMagick application to crash, resulting in a denial of service.

The impact on confidentiality is none, but there is a low impact on integrity and a high impact on availability.

The attack requires local access and is complex to execute, but does not require privileges or user interaction.

Compliance Impact

I don't know

Detection Guidance

This vulnerability affects the SFW decoder in ImageMagick on 32-bit systems when processing extremely large images, causing a heap-based buffer overflow and potential crash.

Detection involves verifying the installed ImageMagick version and testing the processing of large SFW images to observe any crashes or abnormal behavior.

You can check the installed ImageMagick version with the command:

    convert --version

If the version is prior to 7.1.2-16 or 6.9.13-41 on a 32-bit system, the system is vulnerable.

To test for the vulnerability, attempt to process an extremely large SFW image file using ImageMagick's convert or identify commands and monitor for crashes or errors. [1]
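As an added example that is not part of this advisory page, the following Python checker applies the fix thresholds above (7.1.2-16 for the 7.x line, 6.9.13-41 for the 6.x line) to `convert --version` output, so the version comparison is done branch by branch rather than by eye. The sample output string and all function names are constructed for this example; using the Python interpreter's pointer width as the 32-bit indicator is an assumption, since it describes the interpreter rather than the ImageMagick build itself.

```python
#!/usr/bin/env python3
"""Check an ImageMagick version string against the CVE-2026-31853 fix
thresholds: 7.1.2-16 for the 7.x line, 6.9.13-41 for the 6.x line."""
import re
import subprocess
import sys

# Fixed versions from the advisory, keyed by major version. A build below
# its own branch's threshold is affected (on a 32-bit system).
FIXED = {6: (6, 9, 13, 41), 7: (7, 1, 2, 16)}

# Matches "ImageMagick 6.9.13-41" as printed by `convert --version`.
VERSION_RE = re.compile(r"ImageMagick\s+(\d+)\.(\d+)\.(\d+)-(\d+)")


def parse_version(text):
    """Return (major, minor, patch, release) from `convert --version` output
    or from a bare "X.Y.Z-N" string; None if nothing parseable is present."""
    m = VERSION_RE.search(text) or re.search(r"(\d+)\.(\d+)\.(\d+)-(\d+)", text)
    return tuple(int(g) for g in m.groups()) if m else None


def version_affected(version):
    """True when the version predates the fix on its own branch. Branches
    the advisory does not list (e.g. a hypothetical 8.x) count as fixed."""
    fixed = FIXED.get(version[0])
    return fixed is not None and version < fixed


def assess(text, is_32bit):
    """Combine the version check with the platform width, because the
    advisory only describes the crash on 32-bit systems."""
    version = parse_version(text)
    if version is None:
        return ("unknown", None)
    label = "%d.%d.%d-%d" % version
    if not version_affected(version):
        return ("fixed", label)
    if not is_32bit:
        return ("vulnerable-version-64bit", label)
    return ("affected", label)


def check_installed():
    """Run `convert --version` on this host; the 32-bit test uses the Python
    interpreter's pointer width as a proxy (assumption, see lead-in)."""
    try:
        out = subprocess.run(["convert", "--version"], capture_output=True,
                             text=True, check=False).stdout
    except FileNotFoundError:
        return ("unknown", None)
    return assess(out, sys.maxsize <= 2 ** 32)


# Constructed sample output, not captured from a real host.
SAMPLE = "Version: ImageMagick 6.9.13-40 Q16 i686 2026-03-01 https://imagemagick.org\n"

if __name__ == "__main__":
    print(assess(SAMPLE, True))
    print(check_installed())
```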

Mitigation Strategies

The primary mitigation step is to upgrade ImageMagick to version 7.1.2-16 or later, or 6.9.13-41 or later, where this vulnerability is fixed.

Additionally, avoid processing extremely large SFW images on 32-bit systems until the upgrade is applied.

Restrict local access to systems running vulnerable versions of ImageMagick to reduce the risk of exploitation, as the attack vector is local and complex.
