CVE-2026-25794

{"id": "CVE-2026-25794", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.2, "exploitabilityScore": 3.9}]}, "published": "2026-02-24T01:16:13.970", "references": [{"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vhqj-f5cj-9x8h", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-122"}, {"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. `WriteUHDRImage` in `coders/uhdr.c` uses `int` arithmetic to compute the pixel buffer size. Prior to version 7.1.2-15, when image dimensions are large, the multiplication overflows 32-bit `int`, causing an undersized heap allocation followed by an out-of-bounds write. This can crash the process or potentially lead to an out of bounds heap write. Version 7.1.2-15 contains a patch."}, {"lang": "es", "value": "ImageMagick es un software libre y de c\u00f3digo abierto utilizado para editar y manipular im\u00e1genes digitales. 'WriteUHDRImage' en 'coders/uhdr.c' utiliza aritm\u00e9tica de tipo 'int' para calcular el tama\u00f1o del b\u00fafer de p\u00edxeles. Antes de la versi\u00f3n 7.1.2-15, cuando las dimensiones de la imagen son grandes, la multiplicaci\u00f3n desborda el tipo 'int' de 32 bits, lo que provoca una asignaci\u00f3n de heap de tama\u00f1o insuficiente seguida de una escritura fuera de l\u00edmites. Esto puede bloquear el proceso o potencialmente conducir a una escritura de heap fuera de l\u00edmites. La versi\u00f3n 7.1.2-15 contiene un parche."}], "lastModified": "2026-02-24T17:28:54.433", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B89F5759-9F8D-4C89-8D35-0FCE2AE715A4", "versionEndExcluding": "7.1.2-15"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}