CVE-2026-55595
MediumCVSS 4.7Exploitation Probability (EPSS)
Low risk1th percentile — higher than 1% of all known CVEs
Summary
In ImageMagick prior to versions 6.9.13-51 and 7.1.2-26, providing invalid arguments to the connected-components option causes an infinite loop. This issue has been fixed in the mentioned versions.
Risk Assessment
The infinite loop can lead to denial of service (DoS) by exhausting system resources, disrupting applications using ImageMagick.
Recommendation
Immediately update ImageMagick to version 6.9.13-51 or 7.1.2-26 or later.
Original NVD description (English source)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26.

