CVE-2026-23876 | ImageMagick up to 6.9.13-37/7.1.2-12 XBM Image Decoder ReadXBMImage heap-based overflow (GHSA-r49w-jqq3-3gx8)

SecurityVulns

A vulnerability classified as critical has been found in ImageMagick up to 6.9.13-37/7.1.2-12. The affected element is the function ReadXBMImage of the XBM Image Decoder component. The manipulation leads to a heap-based buffer overflow.

This vulnerability is tracked as CVE-2026-23876. The attack can be initiated remotely. No exploit is available.

It is advisable to upgrade the affected component.

VulDB Recent Entries