
PEACH
Un cadre d’isolation des locataires
CVE-2026-61857 is a heap use-after-free vulnerability in ImageMagick caused by a missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger the flaw and cause application crashes. The vulnerability affects ImageMagick versions before 7.1.2-26 (7.x branch) and before 6.9.13-51 (6.x branch). It was published on July 11, 2026, with a CVSS v3.1 score of 3.7 (Low) and a CVSS v4.0 score of 6.3 (Medium) (GitHub Advisory, ImageMagick Advisory).
The root cause is a missing null check during XMP profile parsing, which leads to a heap use-after-free condition (CWE-416 estimated; formally classified as CWE-252 Unchecked Return Value and CWE-476 NULL Pointer Dereference). When ImageMagick processes an image file containing a specially crafted XMP metadata block, the parser fails to validate a pointer before use, resulting in access to freed heap memory. The attack vector is network-based with high complexity and no privileges or user interaction required, though specific attack prerequisites must be present (e.g., the application must process attacker-supplied image files). The vulnerability was reported by researcher "rexpository" (ImageMagick Advisory, Red Hat Bugzilla).
Successful exploitation results in an application crash, causing a denial of service. There is no impact to confidentiality or integrity — the vulnerability is limited to availability of the affected ImageMagick process. In environments where ImageMagick is used as a backend image processing service (e.g., web applications accepting user-uploaded images), repeated exploitation could disrupt service availability, but lateral movement or data exfiltration are not associated with this vulnerability (GitHub Advisory, ImageMagick Advisory).
convert, magick) shortly after processing uploaded image files.Upgrade ImageMagick to version 7.1.2-26 or later (7.x branch) or 6.9.13-51 or later (6.x branch) to remediate the vulnerability. As a workaround, restrict image upload functionality to trusted sources and consider implementing input validation or stripping of XMP metadata from image files before processing. Disabling or sandboxing ImageMagick in environments where untrusted image files are processed can further reduce risk (ImageMagick Advisory, Red Hat Bugzilla).
The vulnerability was assigned a low severity rating by the ImageMagick maintainers and published via GitHub Security Advisories on June 26, 2026. Red Hat opened a tracking bug (BZ#2499382) and classified it as medium priority/severity for their products. No significant broader media coverage or notable researcher commentary beyond the initial disclosure has been identified (ImageMagick Advisory, Red Hat Bugzilla).
Source: Ce rapport a été généré à l’aide de l’IA
Évaluation gratuite des vulnérabilités
Évaluez vos pratiques de sécurité cloud dans 9 domaines de sécurité pour évaluer votre niveau de risque et identifier les failles dans vos défenses.
Obtenez une démo personnalisée
"La meilleure expérience utilisateur que j’ai jamais vue, offre une visibilité totale sur les workloads cloud."
"Wiz fournit une interface unique pour voir ce qui se passe dans nos environnements cloud."
"Nous savons que si Wiz identifie quelque chose comme critique, c’est qu’il l’est réellement."