1+ {
2+ "schema_version": "1.4.0",
3+ "id": "GHSA-72hf-fj62-w6j4",
4+ "modified": "2026-02-24T15:43:02Z",
5+ "published": "2026-02-24T15:43:02Z",
6+ "aliases": [
7+ "CVE-2026-25967"
8+ ],
9+ "summary": "ImageMagick: Stack buffer overflow in FTXT reader via oversized integer field",
10+ "details": "### Summary\nA stack-based buffer overflow exists in the ImageMagick FTXT image reader. A crafted FTXT file can cause out-of-bounds writes on the stack, leading to a crash.\n\n```\n=================================================================\n==3537074==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffee4850ef0 at pc 0x5607c408fb33 bp 0x7ffee484fe50 sp 0x7ffee484fe40\nWRITE of size 1 at 0x7ffee4850ef0 thread T0\n```",
11+ "severity": [
12+ {
13+ "type": "CVSS_V3",
14+ "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"
15+ }
16+ ],
17+ "affected": [
18+ {
19+ "package": {
20+ "ecosystem": "NuGet",
21+ "name": "Magick.NET-Q16-AnyCPU"
22+ },
23+ "ranges": [
24+ {
25+ "type": "ECOSYSTEM",
26+ "events": [
27+ {
28+ "introduced": "0"
29+ },
30+ {
31+ "fixed": "14.10.3"
32+ }
33+ ]
34+ }
35+ ]
36+ },
37+ {
38+ "package": {
39+ "ecosystem": "NuGet",
40+ "name": "Magick.NET-Q16-HDRI-AnyCPU"
41+ },
42+ "ranges": [
43+ {
44+ "type": "ECOSYSTEM",
45+ "events": [
46+ {
47+ "introduced": "0"
48+ },
49+ {
50+ "fixed": "14.10.3"
51+ }
52+ ]
53+ }
54+ ]
55+ },
56+ {
57+ "package": {
58+ "ecosystem": "NuGet",
59+ "name": "Magick.NET-Q16-HDRI-OpenMP-arm64"
60+ },
61+ "ranges": [
62+ {
63+ "type": "ECOSYSTEM",
64+ "events": [
65+ {
66+ "introduced": "0"
67+ },
68+ {
69+ "fixed": "14.10.3"
70+ }
71+ ]
72+ }
73+ ]
74+ },
75+ {
76+ "package": {
77+ "ecosystem": "NuGet",
78+ "name": "Magick.NET-Q16-HDRI-OpenMP-x64"
79+ },
80+ "ranges": [
81+ {
82+ "type": "ECOSYSTEM",
83+ "events": [
84+ {
85+ "introduced": "0"
86+ },
87+ {
88+ "fixed": "14.10.3"
89+ }
90+ ]
91+ }
92+ ]
93+ },
94+ {
95+ "package": {
96+ "ecosystem": "NuGet",
97+ "name": "Magick.NET-Q16-HDRI-arm64"
98+ },
99+ "ranges": [
100+ {
101+ "type": "ECOSYSTEM",
102+ "events": [
103+ {
104+ "introduced": "0"
105+ },
106+ {
107+ "fixed": "14.10.3"
108+ }
109+ ]
110+ }
111+ ]
112+ },
113+ {
114+ "package": {
115+ "ecosystem": "NuGet",
116+ "name": "Magick.NET-Q16-HDRI-x64"
117+ },
118+ "ranges": [
119+ {
120+ "type": "ECOSYSTEM",
121+ "events": [
122+ {
123+ "introduced": "0"
124+ },
125+ {
126+ "fixed": "14.10.3"
127+ }
128+ ]
129+ }
130+ ]
131+ },
132+ {
133+ "package": {
134+ "ecosystem": "NuGet",
135+ "name": "Magick.NET-Q16-HDRI-x86"
136+ },
137+ "ranges": [
138+ {
139+ "type": "ECOSYSTEM",
140+ "events": [
141+ {
142+ "introduced": "0"
143+ },
144+ {
145+ "fixed": "14.10.3"
146+ }
147+ ]
148+ }
149+ ]
150+ },
151+ {
152+ "package": {
153+ "ecosystem": "NuGet",
154+ "name": "Magick.NET-Q16-OpenMP-arm64"
155+ },
156+ "ranges": [
157+ {
158+ "type": "ECOSYSTEM",
159+ "events": [
160+ {
161+ "introduced": "0"
162+ },
163+ {
164+ "fixed": "14.10.3"
165+ }
166+ ]
167+ }
168+ ]
169+ },
170+ {
171+ "package": {
172+ "ecosystem": "NuGet",
173+ "name": "Magick.NET-Q16-OpenMP-x64"
174+ },
175+ "ranges": [
176+ {
177+ "type": "ECOSYSTEM",
178+ "events": [
179+ {
180+ "introduced": "0"
181+ },
182+ {
183+ "fixed": "14.10.3"
184+ }
185+ ]
186+ }
187+ ]
188+ },
189+ {
190+ "package": {
191+ "ecosystem": "NuGet",
192+ "name": "Magick.NET-Q16-OpenMP-x86"
193+ },
194+ "ranges": [
195+ {
196+ "type": "ECOSYSTEM",
197+ "events": [
198+ {
199+ "introduced": "0"
200+ },
201+ {
202+ "fixed": "14.10.3"
203+ }
204+ ]
205+ }
206+ ]
207+ },
208+ {
209+ "package": {
210+ "ecosystem": "NuGet",
211+ "name": "Magick.NET-Q16-arm64"
212+ },
213+ "ranges": [
214+ {
215+ "type": "ECOSYSTEM",
216+ "events": [
217+ {
218+ "introduced": "0"
219+ },
220+ {
221+ "fixed": "14.10.3"
222+ }
223+ ]
224+ }
225+ ]
226+ },
227+ {
228+ "package": {
229+ "ecosystem": "NuGet",
230+ "name": "Magick.NET-Q16-x64"
231+ },
232+ "ranges": [
233+ {
234+ "type": "ECOSYSTEM",
235+ "events": [
236+ {
237+ "introduced": "0"
238+ },
239+ {
240+ "fixed": "14.10.3"
241+ }
242+ ]
243+ }
244+ ]
245+ },
246+ {
247+ "package": {
248+ "ecosystem": "NuGet",
249+ "name": "Magick.NET-Q16-x86"
250+ },
251+ "ranges": [
252+ {
253+ "type": "ECOSYSTEM",
254+ "events": [
255+ {
256+ "introduced": "0"
257+ },
258+ {
259+ "fixed": "14.10.3"
260+ }
261+ ]
262+ }
263+ ]
264+ },
265+ {
266+ "package": {
267+ "ecosystem": "NuGet",
268+ "name": "Magick.NET-Q8-AnyCPU"
269+ },
270+ "ranges": [
271+ {
272+ "type": "ECOSYSTEM",
273+ "events": [
274+ {
275+ "introduced": "0"
276+ },
277+ {
278+ "fixed": "14.10.3"
279+ }
280+ ]
281+ }
282+ ]
283+ },
284+ {
285+ "package": {
286+ "ecosystem": "NuGet",
287+ "name": "Magick.NET-Q8-OpenMP-arm64"
288+ },
289+ "ranges": [
290+ {
291+ "type": "ECOSYSTEM",
292+ "events": [
293+ {
294+ "introduced": "0"
295+ },
296+ {
297+ "fixed": "14.10.3"
298+ }
299+ ]
300+ }
301+ ]
302+ },
303+ {
304+ "package": {
305+ "ecosystem": "NuGet",
306+ "name": "Magick.NET-Q8-arm64"
307+ },
308+ "ranges": [
309+ {
310+ "type": "ECOSYSTEM",
311+ "events": [
312+ {
313+ "introduced": "0"
314+ },
315+ {
316+ "fixed": "14.10.3"
317+ }
318+ ]
319+ }
320+ ]
321+ },
322+ {
323+ "package": {
324+ "ecosystem": "NuGet",
325+ "name": "agick.NET-Q8-x64"
326+ },
327+ "ranges": [
328+ {
329+ "type": "ECOSYSTEM",
330+ "events": [
331+ {
332+ "introduced": "0"
333+ },
334+ {
335+ "fixed": "14.10.3"
336+ }
337+ ]
338+ }
339+ ]
340+ },
341+ {
342+ "package": {
343+ "ecosystem": "NuGet",
344+ "name": "Magick.NET-Q8-x86"
345+ },
346+ "ranges": [
347+ {
348+ "type": "ECOSYSTEM",
349+ "events": [
350+ {
351+ "introduced": "0"
352+ },
353+ {
354+ "fixed": "14.10.3"
355+ }
356+ ]
357+ }
358+ ]
359+ }
360+ ],
361+ "references": [
362+ {
363+ "type": "WEB",
364+ "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-72hf-fj62-w6j4"
365+ },
366+ {
367+ "type": "ADVISORY",
368+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25967"
369+ },
370+ {
371+ "type": "WEB",
372+ "url": "https://github.com/ImageMagick/ImageMagick/commit/9afe96cc325da1e4349fbd7418675af2f8708c10"
373+ },
374+ {
375+ "type": "PACKAGE",
376+ "url": "https://github.com/ImageMagick/ImageMagick"
377+ },
378+ {
379+ "type": "WEB",
380+ "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3"
381+ }
382+ ],
383+ "database_specific": {
384+ "cwe_ids": [
385+ "CWE-121"
386+ ],
387+ "severity": "HIGH",
388+ "github_reviewed": true,
389+ "github_reviewed_at": "2026-02-24T15:43:02Z",
390+ "nvd_published_at": "2026-02-24T02:16:01Z"
391+ }
392+ }
![advisory-database[bot]](https://avatars.githubusercontent.com/in/21409?v=4&size=40){kind=avatar}
0 commit comments