CVE-2026-61861
ImageMagick Analyse et atténuation des vulnérabilités

Aperçu

CVE-2026-61861 is a use-after-free vulnerability in ImageMagick's FormatMagickCaption method, triggered when memory allocation fails, leaving a dangling pointer referencing freed memory. It affects ImageMagick versions before 7.1.2-26 (7.x branch) and before 6.9.13-51 (6.x branch). The vulnerability was published on July 11, 2026, and was reported by researcher RigelYoung. It carries a CVSS v3.1 base score of 3.7 (Low) and a CVSS v4.0 base score of 6.3 (Medium) (GitHub Advisory, Github Advisory DB).

Détails techniques

The root cause is classified as CWE-416 (Use After Free) and CWE-825 (Expired Pointer Dereference). Inside the FormatMagickCaption method, when a memory allocation call fails, the code does not properly nullify or invalidate the pointer to the previously freed memory block, resulting in a dangling pointer. An unauthenticated network-based attacker can craft inputs that trigger this allocation failure path — for example, by supplying specially crafted image files or caption data that causes memory pressure — causing the dangling pointer to be subsequently dereferenced. Exploitation requires high attack complexity and the presence of specific deployment conditions (attack requirements: present), limiting ease of exploitation (GitHub Advisory, Red Hat Bugzilla).

Impact

The primary impact is availability loss — successful exploitation can cause a denial of service by crashing the ImageMagick process through dereferencing freed memory. In more severe scenarios, the use-after-free condition could theoretically be leveraged for arbitrary code execution if an attacker can control memory layout at the time of the dereference, though this is considered difficult given the high attack complexity. There is no assessed impact to confidentiality or integrity of the vulnerable system (Github Advisory DB, Red Hat Bugzilla).

Atténuation et solutions de contournement

Upgrade ImageMagick to version 7.1.2-26 or later (7.x branch) or 6.9.13-51 or later (6.x branch), which contain the fix for this vulnerability (GitHub Advisory). If immediate patching is not feasible, restrict network access to services that process images via ImageMagick and monitor for unexpected process crashes or memory allocation errors. Applying OS-level memory protections such as ASLR and enabling crash reporting can help detect and limit exploitation attempts.

Réactions de la communauté

The vulnerability was assigned a low severity rating by the ImageMagick maintainer (dlemstra) and credited to reporter RigelYoung (GitHub Advisory). Red Hat opened a tracking bug classifying it as medium priority/severity (Red Hat Bugzilla). No significant broader community discussion or media coverage has been observed beyond standard vulnerability database aggregation.

Ressources additionnelles


SourceCe rapport a été généré à l’aide de l’IA

Apparenté ImageMagick Vulnérabilités:

Identifiant CVE

Sévérité

Score

Technologies

Nom du composant

Exploit CISA KEV

A corrigé

Date de publication

CVE-2026-61861MEDIUM6.3
  • ImageMagick logoImageMagick
  • ImageMagick-c++
NonOuiJul 11, 2026
CVE-2026-61857MEDIUM6.3
  • ImageMagick logoImageMagick
  • cpe:2.3:a:imagemagick:imagemagick
NonOuiJul 11, 2026
CVE-2026-61858MEDIUM4.8
  • ImageMagick logoImageMagick
  • ImageMagick-devel
NonOuiJul 11, 2026
CVE-2026-61465MEDIUM4.8
  • ImageMagick logoImageMagick
  • cpe:2.3:a:imagemagick:imagemagick
NonOuiJul 11, 2026
CVE-2026-61870LOW2.1
  • ImageMagick logoImageMagick
  • ImageMagick
NonOuiJul 11, 2026

Évaluation gratuite des vulnérabilités

Évaluez votre posture de sécurité dans le cloud

Évaluez vos pratiques de sécurité cloud dans 9 domaines de sécurité pour évaluer votre niveau de risque et identifier les failles dans vos défenses.

Demander une évaluation

Obtenez une démo personnalisée

Prêt(e) à voir Wiz en action ?

"La meilleure expérience utilisateur que j’ai jamais vue, offre une visibilité totale sur les workloads cloud."
David EstlickRSSI
"Wiz fournit une interface unique pour voir ce qui se passe dans nos environnements cloud."
Adam FletcherChef du service de sécurité
"Nous savons que si Wiz identifie quelque chose comme critique, c’est qu’il l’est réellement."
Greg PoniatowskiResponsable de la gestion des menaces et des vulnérabilités