CVE-2026-40311
Use-After-Free in ImageMagick XMP Profile Parsing Causes Crash
Publication date: 2026-04-13
Last updated on: 2026-04-17
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| imagemagick | imagemagick | to 6.9.13-44 (exc) |
| imagemagick | imagemagick | From 7.0.0-0 (inc) to 7.1.2-19 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-693 | The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. |
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in ImageMagick versions below 7.1.2-19 and 6.9.13-44. It is a heap use-after-free issue that occurs when the software reads and prints values from an invalid XMP profile. This can cause the program to crash.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should upgrade ImageMagick to version 7.1.2-19 or later, or 6.9.13-44 or later, as these versions contain the fix for the heap use-after-free issue.
How can this vulnerability impact me? :
The vulnerability can cause ImageMagick to crash when processing certain images with invalid XMP profiles. This may lead to denial of service or instability in applications that rely on ImageMagick for image processing.