ImageMagick has a heap buffer over-read in its MAP image decoder

GHSA-42p5-62qq-mmh7 · CVE-2026-25987

Published Feb 24, 2026 · Modified Feb 24, 2026

Description

A heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory disclosure during image decoding.

=================================================================
==4070926==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x502000002b31 at pc 0x56517afbd910 bp 0x7ffc59e90000 sp 0x7ffc59e8fff0
READ of size 1 at 0x502000002b31 thread T0

References

5.3 / 10

MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Packages

NuGet/Magick.NET-Q16-AnyCPU

Fix 14.10.3

Introduced 0

209 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +189 more

NuGet/Magick.NET-Q16-HDRI-AnyCPU

Fix 14.10.3

Introduced 0

206 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +186 more

NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64

Fix 14.10.3

Introduced 0

54 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +34 more

NuGet/Magick.NET-Q16-HDRI-OpenMP-x64

Fix 14.10.3

Introduced 0

106 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +86 more

NuGet/Magick.NET-Q16-HDRI-arm64

Fix 14.10.3

Introduced 0

54 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +34 more

NuGet/Magick.NET-Q16-HDRI-x64

Fix 14.10.3

Introduced 0

206 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +186 more

NuGet/Magick.NET-Q16-HDRI-x86

Fix 14.10.3

Introduced 0

206 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +186 more

NuGet/Magick.NET-Q16-OpenMP-arm64

Fix 14.10.3

Introduced 0

54 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +34 more

NuGet/Magick.NET-Q16-OpenMP-x64

Fix 14.10.3

Introduced 0

106 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +86 more

NuGet/Magick.NET-Q16-OpenMP-x86

Fix 14.10.3

Introduced 0

NuGet/Magick.NET-Q16-arm64

Fix 14.10.3

Introduced 0

54 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +34 more

NuGet/Magick.NET-Q16-x64

Fix 14.10.3

Introduced 0

225 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +205 more

NuGet/Magick.NET-Q16-x86

Fix 14.10.3

Introduced 0

225 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +205 more

NuGet/Magick.NET-Q8-AnyCPU

Fix 14.10.3

Introduced 0

209 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +189 more

NuGet/Magick.NET-Q8-OpenMP-arm64

Fix 14.10.3

Introduced 0

54 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +34 more

NuGet/Magick.NET-Q8-OpenMP-x64

Fix 14.10.3

Introduced 0

106 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +86 more

NuGet/Magick.NET-Q8-arm64

Fix 14.10.3

Introduced 0

54 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +34 more

NuGet/Magick.NET-Q8-x64

Fix 14.10.3

Introduced 0

225 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +205 more

NuGet/Magick.NET-Q8-x86

Fix 14.10.3

Introduced 0

225 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +205 more

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes