{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27799", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-24T02:31:33.266Z", "datePublished": "2026-02-25T23:20:25.204Z", "dateUpdated": "2026-02-25T23:20:25.204Z"}, "containers": {"cna": {"title": "ImageMagick has a heap Buffer Over-read in its DJVU image format handler", "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "lang": "en", "description": "CWE-122: Heap-based Buffer Overflow", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-126", "lang": "en", "description": "CWE-126: Buffer Over-read", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r99p-5442-q2x2", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r99p-5442-q2x2"}, {"name": "https://github.com/ImageMagick/ImageMagick/commit/e87695b3227978ad70b967b8d054baaf8ac2cced", "tags": ["x_refsource_MISC"], "url": "https://github.com/ImageMagick/ImageMagick/commit/e87695b3227978ad70b967b8d054baaf8ac2cced"}, {"name": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "tags": ["x_refsource_MISC"], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3"}], "affected": [{"vendor": "ImageMagick", "product": "ImageMagick", "versions": [{"version": "< 6.9.13-40", "status": "affected"}, {"version": ">= 7.0.0, < 7.1.2-15", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-25T23:20:25.204Z"}, "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride (row size) for pixel buffer allocation. The stride calculation overflows a 32-bit signed integer, resulting in an out-of-bounds memory reads. Versions 7.1.2-15 and 6.9.13-40 contain a patch."}], "source": {"advisory": "GHSA-r99p-5442-q2x2", "discovery": "UNKNOWN"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride (row size) for pixel buffer allocation. The stride calculation overflows a 32-bit signed integer, resulting in an out-of-bounds memory reads. Versions 7.1.2-15 and 6.9.13-40 contain a patch."}], "id": "CVE-2026-27799", "lastModified": "2026-02-26T00:16:25.393", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-02-26T00:16:25.393", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/ImageMagick/ImageMagick/commit/e87695b3227978ad70b967b8d054baaf8ac2cced"}, {"source": "security-advisories@github.com", "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r99p-5442-q2x2"}, {"source": "security-advisories@github.com", "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}, {"lang": "en", "value": "CWE-126"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "ImageMagick: ImageMagick: Denial of Service and data corruption due to crafted DJVU image processing", "id": "2442879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442879"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "status": "draft"}, "cwe": "CWE-125", "details": ["A flaw was found in ImageMagick, a software suite used for editing and manipulating digital images. This vulnerability, a heap buffer over-read, exists within the component that handles DJVU image files. A local attacker could exploit this by processing a specially crafted DJVU image, leading to an error where the software miscalculates memory allocation due to an integer truncation. This causes the software to attempt to read memory outside its designated boundaries, which can result in a denial of service or potentially corrupt data."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, avoid processing untrusted DJVU image files with ImageMagick. For server deployments, restrict network access to services that use ImageMagick for image processing. As an additional measure, consider disabling the DJVU delegate in ImageMagick's policy.xml configuration to prevent the processing of DJVU files. This may impact functionality that relies on DJVU image support."}, "name": "CVE-2026-27799", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2026-02-25T23:20:25Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-27799\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-27799\nhttps://github.com/ImageMagick/ImageMagick/commit/e87695b3227978ad70b967b8d054baaf8ac2cced\nhttps://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r99p-5442-q2x2\nhttps://github.com/dlemstra/Magick.NET/releases/tag/14.10.3"], "statement": "This MODERATE impact vulnerability in ImageMagick involves a heap buffer over-read within the DJVU image format handler. The flaw occurs due to an integer truncation during stride calculation for pixel buffer allocation, leading to out-of-bounds memory reads when processing a specially crafted DJVU image. Red Hat Enterprise Linux 6 ELS and 7 ELS are affected.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,6.9.13-40)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[7.0.0,7.1.2-15)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "ImageMagick", "source": "cna", "vendor": "ImageMagick"}, "product": "imagemagick", "vendor": "imagemagick"}], "created": "2026-02-26T13:10:37.030973+00:00", "updated": "2026-02-26T13:10:37.031063+00:00", "vendors": ["imagemagick", "imagemagick$PRODUCT$imagemagick"]}