HIGH 7.1 NuGet
ImageMagick vulnerable to stack corruption through long morphology kernel names or arrays
GHSA-932h-jw47-73jm · CVE-2026-28494
Published · Modified
Description
A stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-size stack buffers via memcpy without bounds checking, resulting in stack corruption.
Ready to move
Start Securing
Free, no credit card | First findings in minutes