CVE-2026-30931
Published: 10 March 2026
Summary
CVE-2026-30931 is a medium-severity Heap-based Buffer Overflow (CWE-122) vulnerability in ImageMagick (vendor: ImageMagick). Its CVSS base score is 6.8 (Medium).
Operationally, exploitation maps to the MITRE ATT&CK technique Application or System Exploitation (T1499.004). It is ranked at the 4.1 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
Threat & Defense Details
MITRE ATT&CK Enterprise Techniques (AI-generated)
Why these techniques?
A heap buffer overflow enables local memory corruption resulting in denial of service (high availability impact); this maps directly to application/system exploitation for endpoint denial of service.
NVD Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-16, a heap-based buffer overflow in the UHDR encoder can happen due to truncation of a value and it would allow an out-of-bounds write. This vulnerability is fixed in 7.1.2-16.
Deeper analysis (AI-generated)
CVE-2026-30931 is a heap-based buffer overflow vulnerability in the UHDR encoder of ImageMagick, an open-source software suite for editing and manipulating digital images. The issue arises from truncation of a value, which can lead to an out-of-bounds write. It affects ImageMagick versions prior to 7.1.2-16 and has a CVSS v3.1 base score of 6.8 (AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H), mapped to CWE-122.
A local attacker can exploit this vulnerability with low attack complexity, requiring no privileges or user interaction. Successful exploitation enables an out-of-bounds write, resulting in low integrity impact and high availability impact, such as potential denial of service through memory corruption.
The vulnerability is fixed in ImageMagick version 7.1.2-16. For detailed mitigation guidance, refer to the security advisory at https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-h95r-c8c7-mrwx.
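As a practical exposure check that is not part of this advisory page or the ImageMagick project, the following added Python script parses the banner printed by `magick -version` (or `convert -version` on older installs) and compares it numerically against the fixed release 7.1.2-16 stated above; the sample banners are constructed.

```python
"""Check whether an ImageMagick build predates the CVE-2026-30931 fix (7.1.2-16).

Added example, not from the advisory or the ImageMagick project. It parses the
first line of `magick -version` / `convert -version` and compares the version
numerically. Assumption: the banner carries MAJOR.MINOR.PATCH-RELEASE, the form
ImageMagick prints (e.g. "Version: ImageMagick 7.1.2-16 Q16-HDRI x86_64 ...").
"""
import re
import shutil
import subprocess
from typing import Optional, Tuple

FIXED_VERSION = (7, 1, 2, 16)   # "This vulnerability is fixed in 7.1.2-16"

_VERSION_RE = re.compile(r"ImageMagick\s+(\d+)\.(\d+)\.(\d+)-(\d+)")


def parse_version(version_output: str) -> Tuple[int, int, int, int]:
    """Extract (major, minor, patch, release) from a `-version` banner."""
    m = _VERSION_RE.search(version_output)
    if m is None:
        raise ValueError("no ImageMagick version string found in output")
    major, minor, patch, release = (int(x) for x in m.groups())
    return (major, minor, patch, release)


def is_affected(version_output: str) -> bool:
    """True when the build is older than 7.1.2-16, i.e. inside the advisory's range."""
    return parse_version(version_output) < FIXED_VERSION


def installed_version_output() -> Optional[str]:
    """Run the local ImageMagick binary, if one is on PATH, and return its banner."""
    for exe in ("magick", "convert"):
        path = shutil.which(exe)
        if path:
            proc = subprocess.run([path, "-version"], capture_output=True,
                                  text=True, check=False)
            return proc.stdout
    return None


# Constructed sample banners in the format ImageMagick prints (hypothetical hosts).
SAMPLE_OLD = "Version: ImageMagick 7.1.2-15 Q16-HDRI x86_64 ...\n"
SAMPLE_FIXED = "Version: ImageMagick 7.1.2-16 Q16-HDRI x86_64 ...\n"

if __name__ == "__main__":
    banner = installed_version_output()
    if banner is None:
        print("ImageMagick not found on PATH")
    else:
        status = "affected (below 7.1.2-16)" if is_affected(banner) else "fixed or later"
        print(status, "-", banner.splitlines()[0])
```

A version below 7.1.2-16 only establishes that the build falls inside the advisory's affected range; whether the UHDR coder is actually compiled into a given build is not stated on this page, so confirm that against the build's configured delegates before closing the finding.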
Details
- CWE(s)