Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-kcs8-8s5x-w7er
Vulnerability ID VCID-kcs8-8s5x-w7er
Aliases CVE-2026-25988
GHSA-782x-jh29-9mf7
Summary ImageMagick: MSL image stack index may fail to refresh, leading to leaked images Sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks. ``` ==841485==ERROR: LeakSanitizer: detected memory leaks Direct leak of 13512 byte(s) in 1 object(s) allocated from:
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-401 Missing Release of Memory after Effective Lifetime
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
There are no known severity scores.
Reference id Reference type URL
https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
https://github.com/ImageMagick/ImageMagick
https://github.com/ImageMagick/ImageMagick/commit/4354fc1d554ec2e6314aed13536efa7bde9593d2
CVE-2026-25988 https://nvd.nist.gov/vuln/detail/CVE-2026-25988
GHSA-782x-jh29-9mf7 https://github.com/advisories/GHSA-782x-jh29-9mf7
GHSA-782x-jh29-9mf7 https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-782x-jh29-9mf7
No exploits are available.
There are no known vectors.

No EPSS data available for this vulnerability.

Date Actor Action Source VulnerableCode Version
2026-06-02T04:50:24.530886+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Magick.NET-Q8-OpenMP-arm64/CVE-2026-25988.yml 38.6.0