Copyright © 2012 Red Hat, Inc. All rights reserved. Moderate 2026-06-10T21:58:14 ImageMagick: ImageMagick: Denial of Service via heap buffer over-write in MAT decoder 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CWE-253

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. This issue has been patched in versions 6.9.13-48 and 7.1.2-24.

A flaw was found in ImageMagick. A missing check of a return value in the MAT decoder on 32-bit systems could lead to a heap buffer over-write. This vulnerability may allow an attacker to cause a denial of service.

This Moderate impact flaw in ImageMagick could lead to a denial of service on 32-bit systems when processing a maliciously crafted MAT image file. The vulnerability arises from a missing return value check in the MAT decoder, which could result in a heap buffer over-write. Exploitation requires an attacker to provide a specially crafted image to a system running ImageMagick. Red Hat Enterprise Linux 6 Out of support scope ImageMagick Red Hat Enterprise Linux 7 Out of support scope ImageMagick https://www.cve.org/CVERecord?id=CVE-2026-48994 https://nvd.nist.gov/vuln/detail/CVE-2026-48994 https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-4v89-6mgq-6rgc