CVE-2026-56365
LowCVSS 3.7Exploitation Probability (EPSS)
Low risk20th percentile — higher than 20% of all known CVEs
Summary
A memory leak vulnerability in ImageMagick before version 7.1.2-19 exists in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service.
Risk Assessment
The risk is that an attacker can remotely exhaust server memory, leading to unavailability of image processing services.
Recommendation
Immediately update ImageMagick to version 7.1.2-19 or later, which fixes this vulnerability.
Original NVD description (English source)
ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service.

