CVE-2026-56367
Status: Received - Intake
Integer Overflow in ImageMagick PSB RLE Decoding

Publication date: 2026-06-21

Last updated on: 2026-06-21

Assigner: VulnCheck

Description
ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash.
Meta Information
Published
2026-06-21
Last Modified
2026-06-21
Generated
2026-06-21
AI Q&A
2026-06-21
EPSS Evaluated
N/A
Affected Vendors & Products
Vendor       Product      Version / Range
imagemagick  imagemagick  up to 7.1.2-15 (upper bound excluded)
imagemagick  imagemagick  up to 6.9.13-40 (upper bound excluded)
Exploitability
CWE: CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
AI Quick Actions
Executive Summary

This vulnerability is an integer overflow in the PSB (PSD v2) RLE decoding path of ImageMagick, specifically in the ReadPSDChannelRLE function in coders/psd.c. On 32-bit builds, the overflowed value leads to a heap out-of-bounds read when a specially crafted PSB file is processed.

This means that the software reads memory outside the allocated heap buffer, which can lead to unintended behavior such as information disclosure or application crashes.

Impact Analysis

Exploiting this vulnerability can lead to two main impacts:

  • Information disclosure - an attacker may be able to access sensitive data from memory.
  • Application crash - the software processing the crafted PSB file may crash, causing denial of service.

The severity is considered low to moderate, with CVSS scores of 3.7 (v3.1) and 6.3 (v4.0), indicating limited but notable risk.

Detection Guidance

This vulnerability is triggered by processing specially crafted PSB (PSD v2) files with a vulnerable 32-bit build of ImageMagick. Detection starts with identifying whether your system runs an affected version of ImageMagick (before 7.1.2-15, or 6.9.x before 6.9.13-40) as a 32-bit build.

You can check the installed ImageMagick version using the command:

  • magick -version

To detect exploitation attempts, monitor logs or network traffic for PSB files being handed to ImageMagick, particularly from untrusted sources. Since the vulnerability causes heap out-of-bounds reads, crashes or abnormal termination of ImageMagick processes while handling PSB files may indicate exploitation attempts.
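The version check above, carried one step further as an added example (this script is not from the advisory or from the ImageMagick project): it reads the `Version:` line printed by `magick -version` (or `convert -version` on the 6.9.x branch, which has no `magick` front end), compares the installed version against the fix thresholds the advisory gives, and reports whether the build string names a 32-bit target. Assumptions, marked in the code: that the first output line has the layout `Version: ImageMagick <version> <quantum> <machine> ...`, and that the list of 32-bit machine tokens covers the targets of interest. The sample output embedded in the script is constructed, not captured from a real host.

```shell
#!/bin/sh
# Added example for CVE-2026-56367: is the installed ImageMagick in an
# affected range, and is it a 32-bit build? Not part of the advisory or of
# the ImageMagick project. Thresholds come from the advisory text:
#   - any version before 7.1.2-15 is affected
#   - on the 6.9.x branch, versions before 6.9.13-40 are affected

# Split an ImageMagick version ("7.1.2-15") into "major minor patch release".
# A missing "-release" suffix counts as release 0.
im_fields() {
  v=$1
  rel=0
  case "$v" in
    *-*) rel=${v##*-}; v=${v%-*} ;;
  esac
  IFS=.
  set -- $v
  unset IFS
  echo "${1:-0} ${2:-0} ${3:-0} $rel"
}

# Succeed when version $1 is strictly lower than version $2, comparing field
# by field numerically (so 6.9.13-9 sorts below 6.9.13-40, unlike a string sort).
im_version_lt() {
  left=$(im_fields "$1")
  right=$(im_fields "$2")
  set -- $left
  for y in $right; do
    x=$1
    shift
    if [ "$x" -lt "$y" ]; then return 0; fi
    if [ "$x" -gt "$y" ]; then return 1; fi
  done
  return 1   # equal versions are not "lower"
}

# Succeed when version $1 falls in one of the advisory's affected ranges.
im_affected() {
  case "$1" in
    6.9.*) im_version_lt "$1" "6.9.13-40" ;;
    *)     im_version_lt "$1" "7.1.2-15" ;;
  esac
}

# Extract fields from `magick -version` / `convert -version` output.
# Assumption: the first line reads
#   Version: ImageMagick <version> <quantum> <machine> <build> <url>
im_parse_version_output() {
  printf '%s\n' "$1" | awk '/^Version: ImageMagick/ { print $3; exit }'
}
im_parse_arch_output() {
  printf '%s\n' "$1" | awk '/^Version: ImageMagick/ { print $5; exit }'
}

# Succeed when the machine token names a 32-bit target. Assumption: this list
# covers the 32-bit targets of interest; extend it for other platforms.
im_build_is_32bit() {
  case "$1" in
    i386|i486|i586|i686|x86|armv6*|armv7*|armhf|mips|mipsel) return 0 ;;
    *) return 1 ;;
  esac
}

# Succeed when both exposure conditions hold: affected version and 32-bit
# build (the advisory limits the out-of-bounds read to 32-bit builds).
im_exposed() {
  if im_affected "$1" && im_build_is_32bit "$2"; then return 0; fi
  return 1
}

# One-line verdict for a captured -version output.
im_report() {
  ver=$(im_parse_version_output "$1")
  arch=$(im_parse_arch_output "$1")
  if [ -z "$ver" ]; then echo "could not find a Version: line"; return 2; fi
  if im_affected "$ver"; then range="in affected range"; else range="at or above fixed version"; fi
  if im_build_is_32bit "$arch"; then bits="32-bit"; else bits="not 32-bit"; fi
  if im_exposed "$ver" "$arch"; then verdict="EXPOSED"; else verdict="not exposed"; fi
  echo "ImageMagick $ver on $arch ($range, $bits): $verdict"
}

# Constructed sample output, used when no ImageMagick binary is on PATH.
SAMPLE_OUTPUT='Version: ImageMagick 7.1.2-14 Q16-HDRI i686 20260601 https://imagemagick.org
Copyright: (C) 1999 ImageMagick Studio LLC'

if command -v magick >/dev/null 2>&1; then
  im_report "$(magick -version)"
elif command -v convert >/dev/null 2>&1; then
  im_report "$(convert -version)"    # 6.9.x installs have no `magick` front end
else
  im_report "$SAMPLE_OUTPUT"
fi
```

Run it on each host where ImageMagick is installed; a line ending in `EXPOSED` means both conditions from the advisory hold and the host should move to the mitigation steps that follow. The field-wise numeric comparison matters because a plain string comparison would rank `6.9.13-9` above `6.9.13-40`.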

Mitigation Strategies

The immediate mitigation step is to upgrade ImageMagick to a fixed version that addresses this vulnerability. Specifically, update to version 7.1.2-15 or later, or 6.9.13-40 or later for the 6.9.x branch.

If upgrading is not immediately possible, avoid processing PSB (PSD v2) files with ImageMagick on affected 32-bit builds to prevent triggering the vulnerability.

Additionally, monitor your systems for crashes or unusual behavior in ImageMagick processes and restrict untrusted input files to reduce risk.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
