PatchSiren cyber security CVE debrief
CVE-2026-56371 ImageMagick CVE debrief
CVE-2026-56371 is a memory leak vulnerability in ImageMagick when processing TXT files with texture attributes. The texture object allocated via ReadImage is not released when GetTypeMetrics fails, so memory leaks each time a crafted TXT file with a texture attribute is processed. This issue affects ImageMagick versions before 7.1.2-15 and 6.9.13-40. The CVE was published on June 23, 2026, and modified on June 24, 2026. The record has been analyzed; its CVSS score is null and its severity is NONE.
- Vendor: ImageMagick
- Product: Unknown
- CVSS: NONE
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-23
- Original CVE updated: 2026-06-24
- Advisory published: 2026-06-23
- Advisory updated: 2026-06-24
Who should care
Defenders of systems using ImageMagick should be aware of this vulnerability and take steps to mitigate it. This includes upgrading to a version of ImageMagick that is not vulnerable, applying patches or workarounds, and monitoring for potential exploitation. Additionally, defenders should review their inventory of ImageMagick installations to ensure they are aware of all instances that may be affected.
Technical summary
The vulnerability occurs in the coders/txt.c file of ImageMagick, where the texture object allocated via ReadImage is not released when GetTypeMetrics fails. This results in a memory leak each time a crafted TXT file with a texture attribute is processed. The vulnerability can be exploited by processing a specially crafted TXT file, which could lead to a denial of service or potentially allow for code execution. The vulnerability has a CVSS vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.
Defensive priority
Defenders should prioritize patching or upgrading to a non-vulnerable version of ImageMagick. Additionally, defenders should monitor for potential exploitation and review their inventory of ImageMagick installations to ensure they are aware of all instances that may be affected.
Recommended defensive actions
- Upgrade to a version of ImageMagick that is not vulnerable
- Apply patches or workarounds provided by the vendor
- Monitor for potential exploitation and review logs for suspicious activity
- Review inventory of ImageMagick installations to ensure awareness of all instances that may be affected
- Consider implementing compensating controls, such as input validation and content filtering
Evidence notes
CVE-2026-56371 has been analyzed; its CVSS score is null and its severity is NONE. The vulnerability occurs in the coders/txt.c file of ImageMagick, where the texture object allocated via ReadImage is not released when GetTypeMetrics fails. The vulnerability can be exploited by processing a specially crafted TXT file, which could lead to a denial of service or potentially allow for code execution.
Official resources
- CVE-2026-56371 CVE record (CVE.org)
- CVE-2026-56371 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference ([email protected] - Third Party Advisory)
- Mitigation or vendor reference ([email protected] - Third Party Advisory)
This article is AI-assisted and based on the supplied source corpus.