ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define

GHSA-vhrh-72hq-w8m7 · CVE-2026-45359

Published May 18, 2026 · Modified Jun 11, 2026

Description

An invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation.

References

5.7 / 10

MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

Affected Packages

NuGet/Magick.NET-Q16-AnyCPU

Fix 14.13.1

Introduced 0

215 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +195 more

NuGet/Magick.NET-Q16-HDRI-AnyCPU

Fix 14.13.1

Introduced 0

212 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +192 more

NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64

Fix 14.13.1

Introduced 0

60 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +40 more

NuGet/Magick.NET-Q16-HDRI-OpenMP-x64

Fix 14.13.1

Introduced 0

112 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +92 more

NuGet/Magick.NET-Q16-HDRI-arm64

Fix 14.13.1

Introduced 0

60 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +40 more

NuGet/Magick.NET-Q16-HDRI-x64

Fix 14.13.1

Introduced 0

212 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +192 more

NuGet/Magick.NET-Q16-HDRI-x86

Fix 14.13.1

Introduced 0

212 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +192 more

NuGet/Magick.NET-Q16-OpenMP-arm64

Fix 14.13.1

Introduced 0

60 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +40 more

NuGet/Magick.NET-Q16-OpenMP-x64

Fix 14.13.1

Introduced 0

112 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +92 more

NuGet/Magick.NET-Q16-arm64

Fix 14.13.1

Introduced 0

60 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +40 more

NuGet/Magick.NET-Q16-x64

Fix 14.13.1

Introduced 0

231 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +211 more

NuGet/Magick.NET-Q16-x86

Fix 14.13.1

Introduced 0

231 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +211 more

NuGet/Magick.NET-Q8-AnyCPU

Fix 14.13.1

Introduced 0

215 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +195 more

NuGet/Magick.NET-Q8-OpenMP-arm64

Fix 14.13.1

Introduced 0

60 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +40 more

NuGet/Magick.NET-Q8-OpenMP-x64

Fix 14.13.1

Introduced 0

112 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +92 more

NuGet/Magick.NET-Q8-arm64

Fix 14.13.1

Introduced 0

60 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +40 more

NuGet/Magick.NET-Q8-x64

Fix 14.13.1

Introduced 0

231 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +211 more

NuGet/Magick.NET-Q8-x86

Fix 14.13.1

Introduced 0

231 affected versions

10.0.010.1.011.0.011.1.011.1.111.1.211.2.011.2.111.3.012.0.012.0.112.1.012.2.012.2.112.2.212.3.013.0.013.0.113.1.013.1.1 +211 more

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes