CVE-2026-56373
mediumCVSS v3 Base Score
5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
EPSS Score
0.2%
Exploitation probability in 30 days
Top 87% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Confidentiality
None
Integrity
Low
Availability
High
Vulnerability Report
Generated by CyberWatcher
Description
ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory.
CWE
CWE-825Affected Products
Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7