Security Advisory

CVE-2026-24481

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-24 00:29:20

Last updated 2026-02-26 14:40:07

Assigner GitHub_M

State PUBLISHED

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMagicks PSD (Adobe Photoshop) format handler. When processing a maliciously crafted PSD file containing ZIP-compressed layer data that decompresses to less than the expected size, uninitialized heap memory is leaked into the output image. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

← Browse all CVEs View on cve.org ↗