ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the JNG encoder when a blob cannot be opened. Attackers can trigger the memory leak by providing malformed JNG files that fail blob operations, causing resource exhaustion.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 15 Jul 2026 12:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the JNG encoder when a blob cannot be opened. Attackers can trigger the memory leak by providing malformed JNG files that fail blob operations, causing resource exhaustion. | |
| Title | ImageMagick before 7.1.2-26 Memory Leak in JNG encoder | |
| First Time appeared |
Imagemagick
Imagemagick imagemagick |
|
| Weaknesses | CWE-401 | |
| CPEs | cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Imagemagick
Imagemagick imagemagick |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-15T11:25:51.999Z
Reserved: 2026-07-10T21:53:55.769Z
Link: CVE-2026-61866
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses