ImageMagick has a heap-use-after-free via XMP profile could result in a crash when printing the values.

GHSA-r83h-crwp-3vm7 · CVE-2026-40311

Published Apr 14, 2026 · Modified Apr 21, 2026

Description

An heap use after free when reading an invalid XMP profile could result in a crash due to an heap use after free when printing the values.

References

5.5 / 10

MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Packages

NuGet/Magick.NET-Q16-AnyCPU

Fix 14.12.0

Introduced 0

213 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +193 more

NuGet/Magick.NET-Q16-HDRI-AnyCPU

Fix 14.12.0

Introduced 0

210 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +190 more

NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64

Fix 14.12.0

Introduced 0

58 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +38 more

NuGet/Magick.NET-Q16-HDRI-arm64

Fix 14.12.0

Introduced 0

58 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +38 more

NuGet/Magick.NET-Q16-HDRI-x64

Fix 14.12.0

Introduced 0

210 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +190 more

NuGet/Magick.NET-Q16-HDRI-x86

Fix 14.12.0

Introduced 0

210 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +190 more

NuGet/Magick.NET-Q16-OpenMP-arm64

Fix 14.12.0

Introduced 0

58 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +38 more

NuGet/Magick.NET-Q16-OpenMP-x64

Fix 14.12.0

Introduced 0

110 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +90 more

NuGet/Magick.NET-Q16-arm64

Fix 14.12.0

Introduced 0

58 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +38 more

NuGet/Magick.NET-Q16-x64

Fix 14.12.0

Introduced 0

229 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +209 more

NuGet/Magick.NET-Q16-x86

Fix 14.12.0

Introduced 0

229 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +209 more

NuGet/Magick.NET-Q8-AnyCPU

Fix 14.12.0

Introduced 0

213 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +193 more

NuGet/Magick.NET-Q8-OpenMP-arm64

Fix 14.12.0

Introduced 0

58 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +38 more

NuGet/Magick.NET-Q8-arm64

Fix 14.12.0

Introduced 0

58 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +38 more

NuGet/Magick.NET-Q8-x64

Fix 14.12.0

Introduced 0

229 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +209 more

NuGet/Magick.NET-Q8-x86

Fix 14.12.0

Introduced 0

229 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +209 more

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes