CVE-2026-25576
- Source
- https://cve.org/CVERecord?id=CVE-2026-25576
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-25576.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-25576
- Aliases
- Downstream
- Related
- Published
- 2026-02-24T00:38:34.337Z
- Modified
- 2026-03-23T05:02:56.382525255Z
- Severity
-
- 5.1 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- ImageMagick: Out of bounds read in multiple coders read raw pixel data
- Details
-
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extract dimensions larger than -size dimensions, causing out-of-bounds memory reads from a heap-allocated buffer. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
- Database specific
{ "cwe_ids": [ "CWE-122" ], "cna_assigner": "GitHub_M", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/25xxx/CVE-2026-25576.json" }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/25xxx/CVE-2026-25576.json
- https://github.com/ImageMagick/ImageMagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f
- https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-jv4p-gjwq-9r2j
- https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
- https://nvd.nist.gov/vuln/detail/CVE-2026-25576
Affected packages
Git / github.com/dlemstra/magick.net
Affected ranges
- Type
- GIT
- Repo
- https://github.com/dlemstra/magick.net
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Database specific
{ "versions": [ { "introduced": "0" }, { "fixed": "14.10.3" } ] }
- Type
- GIT
- Repo
- https://github.com/imagemagick/imagemagick
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
10.*
10.0.0
10.1.0
11.*
11.0.0
11.1.0
11.1.1
11.1.2
11.2.0
11.2.1
11.3.0
12.*
12.0.0
12.0.1
12.1.0
12.2.0
12.2.1
12.2.2
12.3.0
13.*
13.0.0
13.0.1
13.1.0
13.1.1
13.1.2
13.1.3
13.10.0
13.2.0
13.3.0
13.4.0
13.5.0
13.6.0
13.7.0
13.8.0
13.9.0
13.9.1
14.*
14.0.0
14.1.0
14.10.0
14.10.1
14.10.2
14.2.0
14.3.0
14.4.0
14.5.0
14.6.0
14.7.0
14.8.0
14.8.1
14.8.2
14.9.0
14.9.1
6.*
6.8.5.1001
6.8.5.401
6.8.5.402
6.8.6.301
6.8.6.601
6.8.6.801
6.8.7.1
6.8.7.101
6.8.7.501
6.8.7.502
6.8.7.901
6.8.8.1001
6.8.8.201
6.8.8.501
6.8.8.701
6.8.8.801
6.8.8.901
6.8.9.1
6.8.9.101
6.8.9.2
6.8.9.401
6.8.9.501
6.8.9.601
6.9.10-0
6.9.10-1
6.9.10-10
6.9.10-11
6.9.10-12
6.9.10-13
6.9.10-14
6.9.10-15
6.9.10-16
6.9.10-17
6.9.10-18
6.9.10-19
6.9.10-2
6.9.10-20
6.9.10-21
6.9.10-22
6.9.10-23
6.9.10-24
6.9.10-25
6.9.10-26
6.9.10-27
6.9.10-28
6.9.10-29
6.9.10-3
6.9.10-30
6.9.10-31
6.9.10-32
6.9.10-33
6.9.10-34
6.9.10-35
6.9.10-36
6.9.10-37
6.9.10-38
6.9.10-39
6.9.10-4
6.9.10-40
6.9.10-41
6.9.10-42
6.9.10-43
6.9.10-44
6.9.10-45
6.9.10-46
6.9.10-47
6.9.10-48
6.9.10-49
6.9.10-5
6.9.10-50
6.9.10-51
6.9.10-52
6.9.10-53
6.9.10-54
6.9.10-55
6.9.10-56
6.9.10-57
6.9.10-58
6.9.10-59
6.9.10-6
6.9.10-60
6.9.10-61
6.9.10-62
6.9.10-63
6.9.10-64
6.9.10-65
6.9.10-66
6.9.10-67
6.9.10-68
6.9.10-69
6.9.10-7
6.9.10-70
6.9.10-71
6.9.10-72
6.9.10-73
6.9.10-74
6.9.10-75
6.9.10-77
6.9.10-78
6.9.10-79
6.9.10-8
6.9.10-80
6.9.10-81
6.9.10-82
6.9.10-83
6.9.10-84
6.9.10-85
6.9.10-86
6.9.10-87
6.9.10-88
6.9.10-89
6.9.10-9
6.9.10-90
6.9.10-91
6.9.10-92
6.9.10-93
6.9.10-94
6.9.10-95
6.9.10-96
6.9.10-97
6.9.11-0
6.9.11-1
6.9.11-10
6.9.11-11
6.9.11-12
6.9.11-13
6.9.11-14
6.9.11-15
6.9.11-16
6.9.11-17
6.9.11-18
6.9.11-19
6.9.11-2
6.9.11-20
6.9.11-21
6.9.11-22
6.9.11-23
6.9.11-24
6.9.11-25
6.9.11-26
6.9.11-27
6.9.11-28
6.9.11-29
6.9.11-3
6.9.11-30
6.9.11-31
6.9.11-32
6.9.11-33
6.9.11-34
6.9.11-35
6.9.11-36
6.9.11-37
6.9.11-38
6.9.11-39
6.9.11-4
6.9.11-40
6.9.11-41
6.9.11-42
6.9.11-43
6.9.11-44
6.9.11-45
6.9.11-46
6.9.11-47
6.9.11-48
6.9.11-49
6.9.11-5
6.9.11-50
6.9.11-51
6.9.11-52
6.9.11-53
6.9.11-54
6.9.11-55
6.9.11-56
6.9.11-57
6.9.11-59
6.9.11-6
6.9.11-60
6.9.11-61
6.9.11-62
6.9.11-7
6.9.11-8
6.9.11-9
6.9.12-0
6.9.12-1
6.9.12-10
6.9.12-11
6.9.12-12
6.9.12-14
6.9.12-15
6.9.12-16
6.9.12-17
6.9.12-18
6.9.12-19
6.9.12-2
6.9.12-20
6.9.12-21
6.9.12-22
6.9.12-23
6.9.12-24
6.9.12-25
6.9.12-26
6.9.12-27
6.9.12-28
6.9.12-29
6.9.12-3
6.9.12-30
6.9.12-31
6.9.12-32
6.9.12-33
6.9.12-34
6.9.12-35
6.9.12-36
6.9.12-37
6.9.12-38
6.9.12-39
6.9.12-4
6.9.12-40
6.9.12-41
6.9.12-42
6.9.12-43
6.9.12-44
6.9.12-45
6.9.12-46
6.9.12-47
6.9.12-48
6.9.12-49
6.9.12-5
6.9.12-50
6.9.12-51
6.9.12-52
6.9.12-53
6.9.12-54
6.9.12-55
6.9.12-56
6.9.12-57
6.9.12-58
6.9.12-59
6.9.12-6
6.9.12-60
6.9.12-61
6.9.12-62
6.9.12-63
6.9.12-64
6.9.12-65
6.9.12-66
6.9.12-67
6.9.12-68
6.9.12-69
6.9.12-7
6.9.12-70
6.9.12-71
6.9.12-72
6.9.12-73
6.9.12-74
6.9.12-75
6.9.12-76
6.9.12-77
6.9.12-78
6.9.12-79
6.9.12-8
6.9.12-80
6.9.12-81
6.9.12-82
6.9.12-83
6.9.12-84
6.9.12-85
6.9.12-86
6.9.12-87
6.9.12-88
6.9.12-89
6.9.12-9
6.9.12-90
6.9.12-91
6.9.12-92
6.9.12-93
6.9.12-94
6.9.12-95
6.9.12-96
6.9.12-97
6.9.12-98
6.9.12-99
6.9.13-0
6.9.13-1
6.9.13-10
6.9.13-11
6.9.13-12
6.9.13-13
6.9.13-14
6.9.13-15
6.9.13-16
6.9.13-17
6.9.13-18
6.9.13-19
6.9.13-2
6.9.13-21
6.9.13-22
6.9.13-23
6.9.13-24
6.9.13-25
6.9.13-26
6.9.13-27
6.9.13-28
6.9.13-29
6.9.13-3
6.9.13-30
6.9.13-31
6.9.13-32
6.9.13-33
6.9.13-34
6.9.13-35
6.9.13-36
6.9.13-37
6.9.13-38
6.9.13-39
6.9.13-4
6.9.13-5
6.9.13-6
6.9.13-7
6.9.13-8
6.9.13-9
6.9.4-0
6.9.4-1
6.9.4-10
6.9.4-2
6.9.4-3
6.9.4-4
6.9.4-5
6.9.4-6
6.9.4-7
6.9.4-8
6.9.4-9
6.9.5-0
6.9.5-1
6.9.5-10
6.9.5-2
6.9.5-3
6.9.5-4
6.9.5-5
6.9.5-6
6.9.5-7
6.9.5-8
6.9.5-9
6.9.6-0
6.9.6-1
6.9.6-2
6.9.6-3
6.9.6-4
6.9.6-5
6.9.6-6
6.9.6-7
6.9.6-8
6.9.7-0
6.9.7-1
6.9.7-10
6.9.7-2
6.9.7-3
6.9.7-4
6.9.7-5
6.9.7-6
6.9.7-7
6.9.7-8
6.9.7-9
6.9.8-0
6.9.8-1
6.9.8-10
6.9.8-2
6.9.8-3
6.9.8-4
6.9.8-5
6.9.8-6
6.9.8-7
6.9.8-8
6.9.8-9
6.9.9-0
6.9.9-1
6.9.9-10
6.9.9-11
6.9.9-12
6.9.9-13
6.9.9-14
6.9.9-15
6.9.9-17
6.9.9-18
6.9.9-19
6.9.9-2
6.9.9-20
6.9.9-21
6.9.9-22
6.9.9-23
6.9.9-24
6.9.9-25
6.9.9-26
6.9.9-27
6.9.9-28
6.9.9-29
6.9.9-3
6.9.9-30
6.9.9-31
6.9.9-32
6.9.9-33
6.9.9-34
6.9.9-35
6.9.9-36
6.9.9-37
6.9.9-38
6.9.9-39
6.9.9-4
6.9.9-40
6.9.9-41
6.9.9-42
6.9.9-43
6.9.9-44
6.9.9-45
6.9.9-46
6.9.9-47
6.9.9-48
6.9.9-49
6.9.9-5
6.9.9-50
6.9.9-51
6.9.9-6
6.9.9-7
6.9.9-8
6.9.9-9
7.*
7.0.0.1
7.0.0.10
7.0.0.101
7.0.0.102
7.0.0.103
7.0.0.104
7.0.0.11
7.0.0.12
7.0.0.13
7.0.0.14
7.0.0.15
7.0.0.16
7.0.0.17
7.0.0.18
7.0.0.19
7.0.0.2
7.0.0.20
7.0.0.21
7.0.0.22
7.0.0.3
7.0.0.5
7.0.0.6
7.0.0.7
7.0.0.8
7.0.0.9
7.0.1-0
7.0.1-1
7.0.1-10
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.0.1-7
7.0.1-8
7.0.1-9
7.0.1.0
7.0.1.100
7.0.1.101
7.0.1.500
7.0.10-0
7.0.10-1
7.0.10-10
7.0.10-11
7.0.10-12
7.0.10-13
7.0.10-14
7.0.10-15
7.0.10-16
7.0.10-17
7.0.10-18
7.0.10-19
7.0.10-2
7.0.10-20
7.0.10-21
7.0.10-22
7.0.10-23
7.0.10-24
7.0.10-25
7.0.10-26
7.0.10-27
7.0.10-28
7.0.10-29
7.0.10-3
7.0.10-30
7.0.10-31
7.0.10-32
7.0.10-33
7.0.10-34
7.0.10-35
7.0.10-36
7.0.10-37
7.0.10-38
7.0.10-39
7.0.10-4
7.0.10-40
7.0.10-41
7.0.10-42
7.0.10-43
7.0.10-44
7.0.10-45
7.0.10-46
7.0.10-47
7.0.10-48
7.0.10-49
7.0.10-5
7.0.10-50
7.0.10-51
7.0.10-52
7.0.10-53
7.0.10-54
7.0.10-55
7.0.10-56
7.0.10-57
7.0.10-58
7.0.10-59
7.0.10-6
7.0.10-60
7.0.10-61
7.0.10-62
7.0.10-7
7.0.10-8
7.0.10-9
7.0.11-0
7.0.11-1
7.0.11-10
7.0.11-11
7.0.11-12
7.0.11-13
7.0.11-14
7.0.11-2
7.0.11-3
7.0.11-4
7.0.11-5
7.0.11-6
7.0.11-7
7.0.11-8
7.0.11-9
7.0.2-0
7.0.2-1
7.0.2-10
7.0.2-2
7.0.2-3
7.0.2-4
7.0.2-5
7.0.2-6
7.0.2-7
7.0.2-8
7.0.2-9
7.0.2.100
7.0.2.400
7.0.2.600
7.0.2.900
7.0.2.901
7.0.2.902
7.0.3-0
7.0.3-1
7.0.3-10
7.0.3-2
7.0.3-3
7.0.3-4
7.0.3-5
7.0.3-6
7.0.3-7
7.0.3-8
7.0.3-9
7.0.3.0
7.0.3.1
7.0.3.300
7.0.3.500
7.0.3.501
7.0.3.502
7.0.3.901
7.0.3.902
7.0.4-0
7.0.4-1
7.0.4-10
7.0.4-2
7.0.4-3
7.0.4-4
7.0.4-5
7.0.4-6
7.0.4-7
7.0.4-8
7.0.4-9
7.0.4.100
7.0.4.400
7.0.4.700
7.0.4.701
7.0.5-0
7.0.5-1
7.0.5-10
7.0.5-2
7.0.5-3
7.0.5-4
7.0.5-5
7.0.5-6
7.0.5-7
7.0.5-8
7.0.5-9
7.0.5.500
7.0.5.501
7.0.5.502
7.0.5.800
7.0.5.900
7.0.6-0
7.0.6-1
7.0.6-2
7.0.6-3
7.0.6-4
7.0.6-5
7.0.6-6
7.0.6-7
7.0.6-8
7.0.6-9
7.0.6.0
7.0.6.100
7.0.6.1000
7.0.6.1001
7.0.6.1002
7.0.6.101
7.0.6.102
7.0.6.600
7.0.6.601
7.0.7-0
7.0.7-1
7.0.7-10
7.0.7-11
7.0.7-12
7.0.7-13
7.0.7-14
7.0.7-15
7.0.7-16
7.0.7-17
7.0.7-18
7.0.7-19
7.0.7-2
7.0.7-20
7.0.7-21
7.0.7-22
7.0.7-23
7.0.7-24
7.0.7-25
7.0.7-26
7.0.7-27
7.0.7-28
7.0.7-29
7.0.7-3
7.0.7-30
7.0.7-31
7.0.7-32
7.0.7-33
7.0.7-34
7.0.7-35
7.0.7-36
7.0.7-37
7.0.7-38
7.0.7-39
7.0.7-4
7.0.7-5
7.0.7-6
7.0.7-8
7.0.7-9
7.0.7.0
7.0.7.300
7.0.7.7
7.0.7.700
7.0.7.900
7.0.8-0
7.0.8-1
7.0.8-10
7.0.8-11
7.0.8-12
7.0.8-13
7.0.8-14
7.0.8-15
7.0.8-16
7.0.8-17
7.0.8-18
7.0.8-19
7.0.8-2
7.0.8-20
7.0.8-21
7.0.8-22
7.0.8-23
7.0.8-24
7.0.8-25
7.0.8-26
7.0.8-27
7.0.8-28
7.0.8-29
7.0.8-3
7.0.8-30
7.0.8-31
7.0.8-32
7.0.8-33
7.0.8-34
7.0.8-35
7.0.8-36
7.0.8-37
7.0.8-38
7.0.8-39
7.0.8-4
7.0.8-40
7.0.8-41
7.0.8-42
7.0.8-43
7.0.8-44
7.0.8-45
7.0.8-46
7.0.8-47
7.0.8-48
7.0.8-49
7.0.8-5
7.0.8-50
7.0.8-51
7.0.8-52
7.0.8-53
7.0.8-54
7.0.8-55
7.0.8-56
7.0.8-57
7.0.8-58
7.0.8-59
7.0.8-6
7.0.8-60
7.0.8-61
7.0.8-62
7.0.8-63
7.0.8-64
7.0.8-65
7.0.8-66
7.0.8-67
7.0.8-68
7.0.8-7
7.0.8-8
7.0.8-9
7.0.9-0
7.0.9-1
7.0.9-10
7.0.9-11
7.0.9-12
7.0.9-13
7.0.9-14
7.0.9-15
7.0.9-16
7.0.9-17
7.0.9-18
7.0.9-19
7.0.9-2
7.0.9-20
7.0.9-21
7.0.9-22
7.0.9-23
7.0.9-24
7.0.9-25
7.0.9-26
7.0.9-27
7.0.9-4
7.0.9-5
7.0.9-6
7.0.9-7
7.0.9-8
7.0.9-9
7.1.0-0
7.1.0-1
7.1.0-10
7.1.0-11
7.1.0-12
7.1.0-13
7.1.0-14
7.1.0-15
7.1.0-16
7.1.0-17
7.1.0-18
7.1.0-19
7.1.0-2
7.1.0-20
7.1.0-21
7.1.0-22
7.1.0-23
7.1.0-24
7.1.0-25
7.1.0-26
7.1.0-27
7.1.0-28
7.1.0-29
7.1.0-3
7.1.0-30
7.1.0-31
7.1.0-32
7.1.0-33
7.1.0-34
7.1.0-35
7.1.0-36
7.1.0-37
7.1.0-38
7.1.0-39
7.1.0-4
7.1.0-40
7.1.0-41
7.1.0-42
7.1.0-43
7.1.0-44
7.1.0-45
7.1.0-46
7.1.0-47
7.1.0-48
7.1.0-49
7.1.0-5
7.1.0-50
7.1.0-51
7.1.0-52
7.1.0-53
7.1.0-54
7.1.0-55
7.1.0-56
7.1.0-57
7.1.0-58
7.1.0-59
7.1.0-6
7.1.0-60
7.1.0-61
7.1.0-62
7.1.0-7
7.1.0-8
7.1.0-9
7.1.0.0
7.1.1-0
7.1.1-1
7.1.1-10
7.1.1-11
7.1.1-12
7.1.1-13
7.1.1-14
7.1.1-15
7.1.1-16
7.1.1-17
7.1.1-18
7.1.1-19
7.1.1-2
7.1.1-20
7.1.1-21
7.1.1-22
7.1.1-23
7.1.1-24
7.1.1-25
7.1.1-26
7.1.1-27
7.1.1-28
7.1.1-29
7.1.1-3
7.1.1-30
7.1.1-31
7.1.1-32
7.1.1-33
7.1.1-34
7.1.1-35
7.1.1-36
7.1.1-37
7.1.1-38
7.1.1-39
7.1.1-4
7.1.1-40
7.1.1-41
7.1.1-43
7.1.1-44
7.1.1-45
7.1.1-46
7.1.1-47
7.1.1-5
7.1.1-6
7.1.1-7
7.1.1-8
7.1.1-9
7.1.2-0
7.1.2-1
7.1.2-10
7.1.2-11
7.1.2-12
7.1.2-13
7.1.2-2
7.1.2-3
7.1.2-5
7.1.2-6
7.1.2-7
7.1.2-8
7.1.2-9
7.10.0.0
7.10.1.0
7.10.2.0
7.11.0.0
7.11.1.0
7.12.0.0
7.13.0.0
7.13.1.0
7.14.0.0
7.14.0.1
7.14.0.2
7.14.0.3
7.14.1.0
7.14.2.0
7.14.3.0
7.14.4.0
7.14.5.0
7.15.0.0
7.15.0.1
7.15.1.0
7.15.2.0
7.15.3.0
7.15.4.0
7.15.5.0
7.16.0.0
7.16.1.0
7.17.0.0
7.17.0.1
7.18.0.0
7.19.0.0
7.19.0.1
7.2.0.0
7.2.1.0
7.20.0.0
7.20.0.1
7.21.0.0
7.21.1.0
7.22.0.0
7.22.1.0
7.22.2.0
7.22.2.1
7.22.2.2
7.22.3.0
7.23.0.0
7.23.1.0
7.23.2.0
7.23.2.1
7.23.3.0
7.23.4.0
7.24.0.0
7.24.1.0
7.3.0.0
7.4.0.0
7.4.1.0
7.4.2.0
7.4.3.0
7.4.4.0
7.4.5.0
7.4.6.0
7.5.0.0
7.5.0.1
7.6.0.0
7.6.0.1
7.7.0.0
7.8.0.0
7.9.0.0
7.9.0.1
7.9.0.2
7.9.1.0
7.9.2.0
8.*
8.0.0
8.0.1
8.1.0
8.2.0
8.2.1
8.3.0
8.3.1
8.3.2
8.3.3
8.4.0
8.5.0
8.6.0
8.6.1
9.*
9.0.0
9.1.0
9.1.1
9.1.2
Database specific
vanir_signatures
[
{
"signature_version": "v1",
"digest": {
"length": 23600.0,
"function_hash": "316410258756988178429114825633850642787"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2026-25576-059a660c",
"target": {
"function": "ReadCMYKImage",
"file": "coders/cmyk.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"66640186420873621384257550742724368719",
"319889552013757698360455984028525790799",
"256952561949245163651469245367783159077",
"157662687178047085674125175844961650042",
"292685984242424270777597294326786479658",
"187038571625299824303067101130741688042",
"9588341264109045961418638220754750345",
"175904511629143338597608143807527179002",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"248529325351805739662181561630481290803",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"139712530750844949309279548939866917458",
"321092560478142566732718733768163790582",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"300311756757226669044505016560793578371",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"161577118932406517880956326044006924795",
"332293529770778924083929118226473610103",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"49110406772344232992306655056910249164",
"217912465641639752300195895991565715860",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"107322767248907306881404006218410266284",
"231776338882947028864442314687151446189",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"328849144342466191234146718248832319993",
"234611569153462629632037490129428734632",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"300311756757226669044505016560793578371",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"161577118932406517880956326044006924795",
"332293529770778924083929118226473610103",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"49110406772344232992306655056910249164",
"217912465641639752300195895991565715860",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"107322767248907306881404006218410266284",
"231776338882947028864442314687151446189",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"328849144342466191234146718248832319993",
"234611569153462629632037490129428734632"
]
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2026-25576-09acbfda",
"target": {
"file": "coders/cmyk.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"signature_version": "v1",
"digest": {
"length": 20270.0,
"function_hash": "15480993164770791346056344202074738210"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2026-25576-47169893",
"target": {
"function": "ReadYCBCRImage",
"file": "coders/ycbcr.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"66640186420873621384257550742724368719",
"319889552013757698360455984028525790799",
"256952561949245163651469245367783159077",
"157662687178047085674125175844961650042",
"292685984242424270777597294326786479658",
"187038571625299824303067101130741688042",
"9588341264109045961418638220754750345",
"175904511629143338597608143807527179002",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"248529325351805739662181561630481290803",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"139712530750844949309279548939866917458",
"321092560478142566732718733768163790582",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"300311756757226669044505016560793578371",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"161577118932406517880956326044006924795",
"332293529770778924083929118226473610103",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"49110406772344232992306655056910249164",
"217912465641639752300195895991565715860",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"328849144342466191234146718248832319993",
"234611569153462629632037490129428734632",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"300311756757226669044505016560793578371",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"161577118932406517880956326044006924795",
"332293529770778924083929118226473610103",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"49110406772344232992306655056910249164",
"217912465641639752300195895991565715860",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"328849144342466191234146718248832319993",
"234611569153462629632037490129428734632"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2026-25576-4c176e2b",
"target": {
"file": "coders/ycbcr.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"66640186420873621384257550742724368719",
"319889552013757698360455984028525790799",
"256952561949245163651469245367783159077",
"157662687178047085674125175844961650042",
"292685984242424270777597294326786479658",
"187038571625299824303067101130741688042",
"9588341264109045961418638220754750345",
"175904511629143338597608143807527179002",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"58305238763900132302867660151400249764",
"248529325351805739662181561630481290803",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"139712530750844949309279548939866917458",
"321092560478142566732718733768163790582",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"58305238763900132302867660151400249764",
"300311756757226669044505016560793578371",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"161577118932406517880956326044006924795",
"332293529770778924083929118226473610103",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"49110406772344232992306655056910249164",
"217912465641639752300195895991565715860",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"328849144342466191234146718248832319993",
"234611569153462629632037490129428734632",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"58305238763900132302867660151400249764",
"300311756757226669044505016560793578371",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"161577118932406517880956326044006924795",
"332293529770778924083929118226473610103",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"49110406772344232992306655056910249164",
"217912465641639752300195895991565715860",
"135796861338163969396005444071270180097",
"171571061062719688959629980324711668653",
"328849144342466191234146718248832319993",
"234611569153462629632037490129428734632"
]
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2026-25576-7808c90e",
"target": {
"file": "coders/bgr.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"digest": {
"length": 13716.0,
"function_hash": "109255656732779190879512822784119388594"
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2026-25576-83902223",
"target": {
"function": "ReadGRAYImage",
"file": "coders/gray.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"66640186420873621384257550742724368719",
"319889552013757698360455984028525790799",
"256952561949245163651469245367783159077",
"157662687178047085674125175844961650042",
"292685984242424270777597294326786479658",
"187038571625299824303067101130741688042",
"9588341264109045961418638220754750345",
"175904511629143338597608143807527179002",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"248529325351805739662181561630481290803",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"139712530750844949309279548939866917458",
"321092560478142566732718733768163790582",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"277523571504931886585108488260350450311",
"183527373097350152559095035375175900346",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"328849144342466191234146718248832319993",
"234611569153462629632037490129428734632",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"300311756757226669044505016560793578371",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"328849144342466191234146718248832319993",
"234611569153462629632037490129428734632"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2026-25576-83fac55a",
"target": {
"file": "coders/gray.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"333203218583479119093004790030428550762",
"319889552013757698360455984028525790799",
"256952561949245163651469245367783159077",
"157662687178047085674125175844961650042",
"246438058692759252446383070011597717831",
"90931809901832921321984930034993337858",
"9588341264109045961418638220754750345",
"181513215206757420918947591665430569481",
"23525034742950677291897067473934229271",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"248529325351805739662181561630481290803"
]
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2026-25576-8de4f5c5",
"target": {
"file": "coders/raw.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"digest": {
"length": 20398.0,
"function_hash": "153678688849332657339107339179778123620"
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2026-25576-9968bda6",
"target": {
"function": "ReadRGBImage",
"file": "coders/rgb.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"digest": {
"length": 4544.0,
"function_hash": "161158041268523611404762155069193264321"
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2026-25576-a80ad4ea",
"target": {
"function": "ReadRGB565Image",
"file": "coders/rgb.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"signature_version": "v1",
"digest": {
"length": 4371.0,
"function_hash": "110586382059811745809457241551273488514"
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2026-25576-d553fa3f",
"target": {
"function": "ReadRAWImage",
"file": "coders/raw.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"digest": {
"length": 20448.0,
"function_hash": "173481640843257025504189224397102714283"
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2026-25576-d5f66e23",
"target": {
"function": "ReadBGRImage",
"file": "coders/bgr.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"319889552013757698360455984028525790799",
"256952561949245163651469245367783159077",
"157662687178047085674125175844961650042",
"285236928015445040254918234981083495926",
"292685984242424270777597294326786479658",
"187038571625299824303067101130741688042",
"9588341264109045961418638220754750345",
"175904511629143338597608143807527179002",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"248529325351805739662181561630481290803",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"139712530750844949309279548939866917458",
"321092560478142566732718733768163790582",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"300311756757226669044505016560793578371",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"161577118932406517880956326044006924795",
"332293529770778924083929118226473610103",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"49110406772344232992306655056910249164",
"217912465641639752300195895991565715860",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"328849144342466191234146718248832319993",
"234611569153462629632037490129428734632",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"58305238763900132302867660151400249764",
"300311756757226669044505016560793578371",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"161577118932406517880956326044006924795",
"332293529770778924083929118226473610103",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"49110406772344232992306655056910249164",
"217912465641639752300195895991565715860",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"328849144342466191234146718248832319993",
"234611569153462629632037490129428734632",
"333203218583479119093004790030428550762",
"319889552013757698360455984028525790799",
"256952561949245163651469245367783159077",
"157662687178047085674125175844961650042",
"292685984242424270777597294326786479658",
"187038571625299824303067101130741688042",
"9588341264109045961418638220754750345",
"181513215206757420918947591665430569481",
"125314924816388419548001814047574790956",
"169219060143909345943321311411656459644",
"292828759057765907397840976273815941801",
"169636396957344067804543310826697113131"
]
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2026-25576-f7698fe1",
"target": {
"file": "coders/rgb.c"
},
"source": "https://github.com/imagemagick/imagemagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f"
}
]
unresolved_ranges
[
{
"events": [
{
"introduced": "7.0.0-0"
},
{
"fixed": "7.1.2-15"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-25576.json"