ImageMagick has a stack write buffer overflow in MNG encoder
Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encoder. A missing bounds check could corrupt the stack with attacker-controlled data. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ImageMagick MNG encoder lacks a bounds check, enabling a stack buffer overflow via a crafted MNG file that can corrupt the stack with attacker-controlled data.
Root Cause
The vulnerability is a stack buffer overflow in the MNG encoder of ImageMagick, a widely used open-source image processing suite. Prior to versions 7.1.2-16 and 6.9.13-41, the encoder does not perform sufficient bounds checking when writing data, allowing an attacker to corrupt the stack with controlled data [1][2].
Exploitation
An attacker exploits this by providing a specially crafted MNG file to ImageMagick's processing pipeline. The vulnerability can be triggered without requiring any special privileges beyond the ability to submit an image for processing, and the attack complexity is considered low because the missing bounds check can be directly leveraged (as indicated by the advisory's attack vector and complexity metrics) [4].
Impact
Successful exploitation allows the attacker to overwrite stack memory with their own data, which can lead to arbitrary code execution in the context of the running process. This can compromise the confidentiality, integrity, and availability of the affected system, depending on how ImageMagick is used in the target environment [2][4].
Mitigation
The vulnerability has been fixed in ImageMagick versions 7.1.2-16 (released March 8, 2026) and 6.9.13-41 [2][3]. Users are strongly advised to update to these versions or later. Workarounds include applying a restrictive security policy, as recommended by the ImageMagick project, to limit the types of images that can be processed [1].
- GitHub - ImageMagick/ImageMagick: ImageMagick is a free, open-source software suite for creating, editing, converting, and displaying images. It supports 200+ formats and offers powerful command-line tools and APIs for automation, scripting, and integration across platforms.
- NVD - CVE-2026-28690
- Release Magick.NET 14.10.4 · dlemstra/Magick.NET
- Stack write buffer overflow in MNG encoder
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| Magick.NET-Q16-AnyCPU (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-HDRI-AnyCPU (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-HDRI-OpenMP-arm64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-HDRI-arm64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-HDRI-x64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-HDRI-x86 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-OpenMP-arm64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-OpenMP-x64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-OpenMP-x86 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-arm64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-x64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-x86 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q16-HDRI-OpenMP-x64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q8-AnyCPU (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q8-OpenMP-arm64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q8-OpenMP-x64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q8-arm64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q8-x64 (NuGet) | < 14.10.4 | 14.10.4 |
| Magick.NET-Q8-x86 (NuGet) | < 14.10.4 | 14.10.4 |
Affected products
- (no CPE) range: < 7.1.2-16, < 6.9.13-41
- (no CPE) range: >= 7.0.0, < 7.1.2-16
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- github.com/advisories/GHSA-7h7q-j33q-hvpf (GHSA, advisory)
- nvd.nist.gov/vuln/detail/CVE-2026-28690 (GHSA, advisory)
- github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7h7q-j33q-hvpf (GHSA, x_refsource_CONFIRM, web)
- github.com/dlemstra/Magick.NET/releases/tag/14.10.4 (GHSA, web)
News mentions
No linked articles in our index yet.