{"vulnerability": "CVE-2026-40169", "sightings": [{"uuid": "819485c6-5c99-4b84-bacd-20e254d00a33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40169", "type": "seen", "source": "https://gist.github.com/alon710/1dd7eb9b2d2403233c4fe934b5852750", "content": "# GHSA-JQQ5-8PX3-9M6M: Single-Byte Heap Overflow Bypass in ImageMagick JSON and YAML Encoders\n\n> **CVSS Score:** 6.2\n> **Published:** 2026-05-21\n> **Full Report:** https://cvereports.com/reports/GHSA-JQQ5-8PX3-9M6M\n\n## Summary\nA heap-based buffer overflow vulnerability exists in the JSON and YAML encoders of ImageMagick and Magick.NET. This issue constitutes an incomplete fix for CVE-2026-40169, resulting in a single-byte out-of-bounds write (off-by-one error) during image metadata serialization.\n\n## TL;DR\nImageMagick < 7.1.2-19 and Magick.NET < 14.12.0 suffer from a single-byte heap overflow in their JSON/YAML encoders. An incomplete patch for a prior vulnerability allows an attacker to cause a denial of service via a crafted file.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-122, CWE-193\n- **Attack Vector**: Local / Remote via File Upload\n- **CVSS Score**: 6.2\n- **Impact**: Denial of Service (DoS)\n- **Exploit Status**: Proof of Concept (PoC) Exists\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- ImageMagick Core\n- Magick.NET NuGet Packages\n- **ImageMagick**: < 7.1.2-19 (Fixed in: `7.1.2-19`)\n- **Magick.NET**: < 14.12.0 (Fixed in: `14.12.0`)\n\n## Mitigation\n\n- Update ImageMagick to version 7.1.2-19 or later\n- Update Magick.NET packages to version 14.12.0 or later\n- Disable the JSON and YAML coders via ImageMagick's policy.xml if updates are not possible\n\n**Remediation Steps:**\n1. Identify all systems and applications using ImageMagick or Magick.NET.\n2. Check the installed version of the libraries.\n3. If utilizing Magick.NET, update the project's NuGet package references to version 14.12.0.\n4. If utilizing ImageMagick locally or in a container, update the system package or base image to incorporate version 7.1.2-19.\n5. Test image processing pipelines to ensure updates do not cause regressions.\n6. Deploy the updated components to production environments.\n\n## References\n\n- [GitHub Advisory Database](https://github.com/advisories/GHSA-JQQ5-8PX3-9M6M)\n- [ImageMagick Security Advisory](https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-jqq5-8px3-9m6m)\n- [Original Vulnerability (CVE-2026-40169)](https://nvd.nist.gov/vuln/detail/CVE-2026-40169)\n- [Magick.NET Release Notes](https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-JQQ5-8PX3-9M6M) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-22T06:10:50.000000Z"}, {"uuid": "9893bf33-cbb0-42a8-a911-53a0db1a23d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40169", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjgb5yy7ua2m", "content": "", "creation_timestamp": "2026-04-14T01:47:25.770129Z"}, {"uuid": "3cb95569-8120-4bea-bdf8-54ff92a4114e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-40169", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/63ae1405-3878-4622-935b-6ee96a75dc90", "content": "", "creation_timestamp": "2026-05-01T15:50:35.105333Z"}]}