ImageMagick, Off-by-One in MSL Decoder, CVE-2026-40312 (Moderate)

Listen to this Post

A remote attacker exploits an off-by-one error when processing a specially crafted malicious MSL (Magick Scripting Language) file. The vulnerability resides in the MSL decoder component. An off-by-one error is a memory management issue where an array or buffer is accessed one element beyond its intended boundary. In this specific case, the decoder miscalculates the memory offset when parsing a malicious MSL file. This miscalculation leads to an out-of-bounds read or write. The corrupted memory access destabilizes the application. The flaw is triggered only when ImageMagick reads a maliciously crafted MSL file. No user interaction or special privileges are required beyond accessing the file. When exploited, the process crashes, leading to a Denial of Service (DoS). The vulnerability affects all versions of ImageMagick below 7.1.2-19. It also impacts the entire Magick.NET suite below version 14.12.0. This is because Magick.NET is a .NET wrapper for ImageMagick and inherits the same vulnerable code. The crash does not lead to remote code execution or data theft. However, it can be used repeatedly to disrupt services that rely on ImageMagick. The issue is classified as problematic with a CVSS 3.1 score of 6.2 (Medium). The fix involves correcting the buffer boundary calculation. This was resolved in version 7.1.2-19 of ImageMagick and version 14.12.0 of Magick.NET.

dailycve form

Platform: ImageMagick/Magick.NET
Version: below 7.1.2-19
Vulnerability: Off-by-one
Severity: Moderate
date: 2026-04-14

Prediction: 2026-04-21

What Undercode Say:

Check current ImageMagick version
convert --version
Download and compile patched version (7.1.2-19 or higher)
wget https://github.com/ImageMagick/ImageMagick/archive/refs/tags/7.1.2-19.tar.gz
tar -xzf 7.1.2-19.tar.gz
cd ImageMagick-7.1.2-19
./configure
make
sudo make install
Verify patch application by checking the commit
git clone https://github.com/ImageMagick/ImageMagick.git
cd ImageMagick
git show 2a06c7be3bba3326caf8b7a8d1fa2e0d4b88998d

Exploit:

A remote attacker provides a malicious MSL file to the target service. The service processes the file using the vulnerable ImageMagick MSL decoder. The off-by-one error triggers a crash, causing the application to become unavailable.

Protection from this CVE

Upgrade to ImageMagick version 7.1.2-19 or higher, or Magick.NET version 14.12.0 or higher.

Impact:

Denial of Service (DoS) via application crash.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top