CVE-2026-61465
Severity CVSS v4.0:
MEDIUM
Type:
Unavailable / Other
Publication date:
11/07/2026
Last modified:
11/07/2026
Description
ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of service.
Impact
Base Score 4.0
4.80
Severity 4.0
MEDIUM
Base Score 3.x
3.30
Severity 3.x
LOW



