CVE-2026-42050
Received Received - Intake
Heap Overflow in ImageMagick via Malicious MIFF File

Publication date: 2026-05-11

Last updated on: 2026-05-11

Assigner: GitHub, Inc.

Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerability is fixed in 7.1.2-21 and 6.9.13-46.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-11
Last Modified
2026-05-11
Generated
2026-06-21
AI Q&A
2026-05-11
EPSS Evaluated
2026-06-20
NVD
CVE-2026-42050
EUVD
EUVD-2026-29204
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
imagemagick imagemagick to 7.1.2-21 (exc)
imagemagick imagemagick to 6.9.13-46 (exc)
image_magick image_magick to 7.1.2-21|end_excluding=6.9.13-46 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-42050 is a stack buffer overflow vulnerability in the XTileImage component of ImageMagick versions prior to 7.1.2-21 and 6.9.13-46.

The issue occurs when a user opens a specially crafted malicious MIFF file in the ImageMagick display tool and then right-clicks a tile to select the Load / Update menu item, which triggers the overflow.

This vulnerability requires local access, no privileges, and user interaction to be exploited.

Compliance Impact

This vulnerability primarily impacts system availability due to a stack buffer overflow triggered by a malicious MIFF file. It does not affect confidentiality or integrity of data.

Since the vulnerability does not compromise confidentiality or integrity, it is unlikely to directly affect compliance with standards and regulations such as GDPR or HIPAA, which focus heavily on protecting personal data privacy and integrity.

Impact Analysis

The primary impact of this vulnerability is on system availability due to the stack buffer overflow.

There is no impact on confidentiality or integrity, meaning it does not directly lead to data leaks or unauthorized data modification.

Exploitation requires local access and user interaction, so remote attackers cannot exploit it without user involvement.

Detection Guidance

This vulnerability occurs when a user opens a malicious MIFF file in the ImageMagick display tool and right-clicks a tile to select the Load / Update menu item, triggering a stack buffer overflow.

Detection involves identifying usage of vulnerable ImageMagick versions prior to 7.1.2-21 and 6.9.13-46 and monitoring for attempts to open suspicious MIFF files locally.

Since the vulnerability requires local user interaction, network detection is limited. However, you can check the installed ImageMagick version with commands like:

  • imagemagick -version
  • convert -version

Additionally, monitoring system logs for crashes or abnormal behavior when opening MIFF files in the display tool may help detect exploitation attempts.

Mitigation Strategies

The primary mitigation step is to upgrade ImageMagick to version 7.1.2-21 or later, or 6.9.13-46 or later, where this vulnerability is fixed.

Until the upgrade is applied, avoid opening untrusted or suspicious MIFF files in the ImageMagick display tool, especially avoiding right-clicking tiles to invoke the Load / Update menu item.

Restrict local user access to systems running vulnerable versions to reduce the risk of exploitation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-42050. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart