Common Weakness Enumeration
CWE-401
AllowedMissing Release of Memory after Effective Lifetime
Abstraction: Variant · Status: Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
2001 vulnerabilities reference this CWE, most recent first.
CVE-2026-57027 (GCVE-0-2026-57027)
Vulnerability from cvelistv5 – Published: 2026-07-09 21:08 – Updated: 2026-07-10 14:33
VLAI
EPSS
VEX
Title
Junos OS: EX4100 Series, EX4400: With sFlow configured in a VC scenario multicast traffic leads to an FPC crash
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series devices allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).When sFlow is configured in a Virtual Chassis (VC) scenario with EX4100 Series or EX4400 Series devices, multicast traffic which is received on one VC member and sent out on another member leads to a memory leak and ultimately an FPC crash and restart.
The leak can be monitored by watching the continuous increase of the buffer values in the output of:
user@host> show chassis fpc
This issue affects Junos OS on EX4100 Series and EX4400:
* all versions before 23.2R2-S7,
* 23.4 versions before 23.4R2-S7,
* 24.2 versions before 24.2R2-S4,
* 24.4 versions before 24.4R2.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA110087 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 23.2R2-S7
(custom)
Affected: 23.4 , < 23.4R2-S7 (custom) Affected: 24.2 , < 24.2R2-S4 (custom) Affected: 24.4 , < 24.4R2 (custom) |
Date Public
2026-07-08 16:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57027",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-10T14:33:27.417390Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T14:33:33.977Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"EX4100 Series",
"EX4400 Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "23.2R2-S7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "23.4R2-S7",
"status": "affected",
"version": "23.4",
"versionType": "custom"
},
{
"lessThan": "24.2R2-S4",
"status": "affected",
"version": "24.2",
"versionType": "custom"
},
{
"lessThan": "24.4R2",
"status": "affected",
"version": "24.4",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A system is only affected if sFlow for multicast is explicitly enabled with:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e[ forwarding-options sflow egress-multicast enable ]\u003c/tt\u003e"
}
],
"value": "A system is only affected if sFlow for multicast is explicitly enabled with:\n\n[ forwarding-options sflow egress-multicast enable ]"
}
],
"datePublic": "2026-07-08T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series devices allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).\u003cp\u003eWhen sFlow is configured in a Virtual Chassis (VC) scenario with EX4100 Series or EX4400 Series devices, multicast traffic which is received on one VC member and sent out on another member leads to a memory leak and ultimately an FPC crash and restart.\u003c/p\u003eThe leak can be monitored by watching the continuous increase of the buffer values in the output of:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003euser@host\u0026gt; show chassis fpc\u003c/tt\u003e \u003cp\u003e\u003cbr\u003eThis issue affects Junos OS on\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEX4100 Series and EX4400\u003c/span\u003e:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eall versions before 23.2R2-S7,\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2-S7,\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R2-S4,\u003c/li\u003e\u003cli\u003e24.4 versions before 24.4R2.\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series devices allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).When sFlow is configured in a Virtual Chassis (VC) scenario with EX4100 Series or EX4400 Series devices, multicast traffic which is received on one VC member and sent out on another member leads to a memory leak and ultimately an FPC crash and restart.\n\nThe leak can be monitored by watching the continuous increase of the buffer values in the output of:\n\nuser@host\u003e show chassis fpc \nThis issue affects Junos OS on\u00a0EX4100 Series and EX4400:\n\n\n * all versions before 23.2R2-S7,\n * 23.4 versions before 23.4R2-S7,\n * 24.2 versions before 24.2R2-S4,\n * 24.4 versions before 24.4R2."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401 Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T21:08:07.684Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA110087"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS: 23.2R2-S7, 23.4R2-S7, 24.2R2-S4, 24.4R2, 25.2R1, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS: 23.2R2-S7, 23.4R2-S7, 24.2R2-S4, 24.4R2, 25.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA110087",
"defect": [
"1824592"
],
"discovery": "USER"
},
"title": "Junos OS: EX4100 Series, EX4400: With sFlow configured in a VC scenario multicast traffic leads to an FPC crash",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2026-57027",
"datePublished": "2026-07-09T21:08:07.684Z",
"dateReserved": "2026-06-23T16:27:00.248Z",
"dateUpdated": "2026-07-10T14:33:33.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56375 (GCVE-0-2026-56375)
Vulnerability from cvelistv5 – Published: 2026-07-15 11:25 – Updated: 2026-07-15 12:21
VLAI
EPSS
VEX
Title
ImageMagick - Memory Leak in ASHLAR Coder Action Failure
Summary
ImageMagick through 7.1.2-18 contains a memory leak vulnerability in the ASHLAR coder when an action fails. Attackers can trigger failed actions to exhaust memory resources and cause denial of service.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , ≤ 7.1.2-18
(semver)
|
Date Public
2026-03-24 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-15T12:20:47.791156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T12:21:07.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThanOrEqual": "7.1.2-18",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.1.2-18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "unbengable12"
}
],
"datePublic": "2026-03-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick through 7.1.2-18 contains a memory leak vulnerability in the ASHLAR coder when an action fails. Attackers can trigger failed actions to exhaust memory resources and cause denial of service."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T11:25:30.028Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-6p22-q7w5-33pg)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6p22-q7w5-33pg"
},
{
"name": "VulnCheck Advisory: ImageMagick - Memory Leak in ASHLAR Coder Action Failure",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-ashlar-coder-action-failure"
}
],
"title": "ImageMagick - Memory Leak in ASHLAR Coder Action Failure",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56375",
"datePublished": "2026-07-15T11:25:30.028Z",
"dateReserved": "2026-06-21T02:05:21.920Z",
"dateUpdated": "2026-07-15T12:21:07.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56371 (GCVE-0-2026-56371)
Vulnerability from cvelistv5 – Published: 2026-06-23 12:13 – Updated: 2026-07-02 14:07
VLAI
EPSS
VEX
Title
ImageMagick - Memory Leak in TXT File Processing via Texture Attribute
Summary
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory leak in coders/txt.c when processing TXT files with texture attributes: the texture object allocated via ReadImage is not released when GetTypeMetrics fails, leaking memory each time a crafted TXT file with a texture attribute is processed.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-15
(semver)
Unaffected: 7.1.2-15 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-40
(semver)
Unaffected: 6.9.13-40 (semver) |
Date Public
2026-02-23 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56371",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-24T15:43:57.913723Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T15:44:24.102Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-15",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-15",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-40",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-40",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "unbengable12"
}
],
"datePublic": "2026-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory leak in coders/txt.c when processing TXT files with texture attributes: the texture object allocated via ReadImage is not released when GetTypeMetrics fails, leaking memory each time a crafted TXT file with a texture attribute is processed."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-02T14:07:00.792Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-3q5f-gmjc-38r8)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3q5f-gmjc-38r8"
},
{
"name": "VulnCheck Advisory: ImageMagick - Memory Leak in TXT File Processing via Texture Attribute",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-txt-file-processing-via-texture-attribute"
}
],
"title": "ImageMagick - Memory Leak in TXT File Processing via Texture Attribute",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56371",
"datePublished": "2026-06-23T12:13:04.085Z",
"dateReserved": "2026-06-21T02:05:21.920Z",
"dateUpdated": "2026-07-02T14:07:00.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56368 (GCVE-0-2026-56368)
Vulnerability from cvelistv5 – Published: 2026-06-24 11:53 – Updated: 2026-06-24 13:40
VLAI
EPSS
VEX
Title
ImageMagick - Memory Leak in Raw Pixel Data Coders
Summary
ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-15
(semver)
Unaffected: 7.1.2-15 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-40
(semver)
Unaffected: 6.9.13-40 (semver) |
Date Public
2026-02-23 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56368",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-24T13:37:57.353115Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T13:40:10.781Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-15",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-15",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-40",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-40",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ylwango613"
}
],
"datePublic": "2026-02-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T11:53:20.423Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-wfx3-6g53-9fgc)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wfx3-6g53-9fgc"
},
{
"name": "VulnCheck Advisory: ImageMagick - Memory Leak in Raw Pixel Data Coders",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-raw-pixel-data-coders"
}
],
"title": "ImageMagick - Memory Leak in Raw Pixel Data Coders",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56368",
"datePublished": "2026-06-24T11:53:20.423Z",
"dateReserved": "2026-06-21T02:05:21.920Z",
"dateUpdated": "2026-06-24T13:40:10.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56366 (GCVE-0-2026-56366)
Vulnerability from cvelistv5 – Published: 2026-07-10 13:57 – Updated: 2026-07-14 01:45
VLAI
EPSS
VEX
Title
ImageMagick - Memory Leak in META Reader APP1JPEG Error Path
Summary
ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-18
(semver)
Unaffected: 7.1.2-18 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-43
(semver)
Unaffected: 6.9.13-43 (semver) |
Date Public
2026-03-24 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56366",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-14T01:45:40.341590Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T01:45:51.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-18",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-18",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-43",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-43",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "unbengable12"
}
],
"datePublic": "2026-03-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T13:57:58.303Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-9r56-3gjq-hqf7)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9r56-3gjq-hqf7"
},
{
"name": "VulnCheck Advisory: ImageMagick - Memory Leak in META Reader APP1JPEG Error Path",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-meta-reader-app1jpeg-error-path"
}
],
"title": "ImageMagick - Memory Leak in META Reader APP1JPEG Error Path",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56366",
"datePublished": "2026-07-10T13:57:58.303Z",
"dateReserved": "2026-06-21T02:05:21.919Z",
"dateUpdated": "2026-07-14T01:45:51.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56365 (GCVE-0-2026-56365)
Vulnerability from cvelistv5 – Published: 2026-06-30 22:08 – Updated: 2026-07-01 13:16
VLAI
EPSS
VEX
Title
ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing
Summary
ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-19
(semver)
Unaffected: 7.1.2-19 (semver) |
|
| ImageMagick | ImageMagick |
Affected:
0 , < 6.9.13-44
(semver)
Unaffected: 6.9.13-44 (semver) |
Date Public
2026-04-13 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56365",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T13:16:02.735899Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T13:16:12.822Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-19",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-19",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "6.9.13-44",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "6.9.13-44",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.13-44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ylwango613"
}
],
"datePublic": "2026-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T22:08:38.238Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-x928-4434-crqj)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-x928-4434-crqj"
},
{
"name": "VulnCheck Advisory: ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-png-encoder-via-mng-image-writing"
}
],
"title": "ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56365",
"datePublished": "2026-06-30T22:08:38.238Z",
"dateReserved": "2026-06-20T21:16:53.711Z",
"dateUpdated": "2026-07-01T13:16:12.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56364 (GCVE-0-2026-56364)
Vulnerability from cvelistv5 – Published: 2026-06-30 22:08 – Updated: 2026-07-01 13:50
VLAI
EPSS
VEX
Title
ImageMagick - Memory Leak in LoadOpenCLDeviceBenchmark() via Malformed XML
Summary
ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory and cause denial of service.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | vendor-advisory |
| https://github.com/ImageMagick/ImageMagick/commit… | patch |
| https://www.vulncheck.com/advisories/imagemagick-… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
0 , < 7.1.2-13
(semver)
Unaffected: 7.1.2-13 (semver) |
Date Public
2026-01-19 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56364",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T13:50:11.200657Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T13:50:14.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qp59-x883-77qv"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"lessThan": "7.1.2-13",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "7.1.2-13",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.2-13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Keryer"
}
],
"datePublic": "2026-01-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory and cause denial of service."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 1.8,
"baseSeverity": "LOW",
"privilegesRequired": "HIGH",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 1.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T22:08:37.521Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "GitHub Security Advisory (GHSA-qp59-x883-77qv)",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qp59-x883-77qv"
},
{
"name": "https://github.com/ImageMagick/ImageMagick/commit/a52c1b402be08ef8ae193f28ac5b2e120f2fa26f",
"tags": [
"patch"
],
"url": "https://github.com/ImageMagick/ImageMagick/commit/a52c1b402be08ef8ae193f28ac5b2e120f2fa26f"
},
{
"name": "VulnCheck Advisory: ImageMagick - Memory Leak in LoadOpenCLDeviceBenchmark() via Malformed XML",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/imagemagick-memory-leak-in-loadopencldevicebenchmark-via-malformed-xml"
}
],
"title": "ImageMagick - Memory Leak in LoadOpenCLDeviceBenchmark() via Malformed XML",
"x_generator": {
"engine": "vulncheck-endgame"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56364",
"datePublished": "2026-06-30T22:08:37.521Z",
"dateReserved": "2026-06-20T21:16:53.711Z",
"dateUpdated": "2026-07-01T13:50:14.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56116 (GCVE-0-2026-56116)
Vulnerability from cvelistv5 – Published: 2026-06-23 16:11 – Updated: 2026-07-14 21:34 X_Open Source
VLAI
EPSS
VEX
Title
dhcpcd Memory Leak DoS via IPv6 Router Advertisement Handling
Summary
dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send Router Advertisements containing Route Information options with a lifetime of zero, triggering unfreed allocations in routeinfo_findalloc() that cause linear memory exhaustion and eventual daemon crash.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/NetworkConfiguration/dhcpcd/co… | patch |
| https://www.vulncheck.com/advisories/dhcpcd-memor… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NetworkConfiguration | dhcpcd |
Affected:
10.0.7 , ≤ 10.3.2
(semver)
Unaffected: 708b4a56bae080a5b18c2e0c4c6fbe103131a2b0 (git) |
Date Public
2026-06-22 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56116",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T17:00:12.933242Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T17:03:00.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageURL": "pkg:github/NetworkConfiguration/dhcpcd",
"product": "dhcpcd",
"repo": "https://github.com/NetworkConfiguration/dhcpcd",
"vendor": "NetworkConfiguration",
"versions": [
{
"lessThanOrEqual": "10.3.2",
"status": "affected",
"version": "10.0.7",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "708b4a56bae080a5b18c2e0c4c6fbe103131a2b0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "CuB3y0nd"
},
{
"lang": "en",
"type": "finder",
"value": "VulnCheck"
}
],
"datePublic": "2026-06-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send Router Advertisements containing Route Information options with a lifetime of zero, triggering unfreed allocations in routeinfo_findalloc() that cause linear memory exhaustion and eventual daemon crash."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T21:34:04.606Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/NetworkConfiguration/dhcpcd/commit/708b4a56bae080a5b18c2e0c4c6fbe103131a2b0"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/dhcpcd-memory-leak-dos-via-ipv6-router-advertisement-handling"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"x_open-source"
],
"title": "dhcpcd Memory Leak DoS via IPv6 Router Advertisement Handling",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-56116",
"datePublished": "2026-06-23T16:11:52.661Z",
"dateReserved": "2026-06-18T19:15:10.651Z",
"dateUpdated": "2026-07-14T21:34:04.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-56018 (GCVE-0-2026-56018)
Vulnerability from cvelistv5 – Published: 2026-06-29 19:38 – Updated: 2026-06-29 22:24
VLAI
EPSS
VEX
Title
JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growth
Summary
JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growth.
In JsMinify (XS.xs) the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents; JsDiscardNode unlinks nodes without freeing their contents. Each token's contents buffer is therefore leaked on every call, and the two early returns taken when the node list is empty leak the whole NodeSet.
A long-lived process that minifies repeatedly, such as an asset pipeline or a server-side minifier endpoint, grows in memory without bound until it exhausts available memory and is killed, causing denial of service.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/bleargh45/JavaScript-Minifier-… | issue-tracking |
| https://metacpan.org/release/GTERMARS/JavaScript-… | release-notes |
| http://www.openwall.com/lists/oss-security/2026/0… |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| GTERMARS | JavaScript::Minifier::XS |
Affected:
0 , < 0.16
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-56018",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-29T20:52:50.642184Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T20:53:13.994Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-06-29T22:24:36.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/06/29/17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "JavaScript-Minifier-XS",
"product": "JavaScript::Minifier::XS",
"programFiles": [
"XS.xs"
],
"programRoutines": [
{
"name": "JsMinify"
}
],
"repo": "https://github.com/bleargh45/JavaScript-Minifier-XS",
"vendor": "GTERMARS",
"versions": [
{
"lessThan": "0.16",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growth.\n\nIn JsMinify (XS.xs) the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents; JsDiscardNode unlinks nodes without freeing their contents. Each token\u0027s contents buffer is therefore leaked on every call, and the two early returns taken when the node list is empty leak the whole NodeSet.\n\nA long-lived process that minifies repeatedly, such as an asset pipeline or a server-side minifier endpoint, grows in memory without bound until it exhausts available memory and is killed, causing denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401 Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-29T19:38:35.316Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/bleargh45/JavaScript-Minifier-XS/issues/10"
},
{
"tags": [
"release-notes"
],
"url": "https://metacpan.org/release/GTERMARS/JavaScript-Minifier-XS-0.16/changes"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to JavaScript::Minifier::XS version 0.16 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growth",
"x_generator": {
"engine": "cpansec-cna-tool 0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2026-56018",
"datePublished": "2026-06-29T19:38:35.316Z",
"dateReserved": "2026-06-18T11:27:09.117Z",
"dateUpdated": "2026-06-29T22:24:36.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-53464 (GCVE-0-2026-53464)
Vulnerability from cvelistv5 – Published: 2026-06-10 22:07 – Updated: 2026-06-11 12:38
VLAI
EPSS
VEX
Title
ImageMagick: Memory Leak in wand option parser when providing invalid arguments
Summary
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25.
Severity
4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/ImageMagick/ImageMagick/securi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ImageMagick | ImageMagick |
Affected:
< 7.1.2-25
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-53464",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T12:38:44.552836Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T12:38:53.826Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ImageMagick",
"vendor": "ImageMagick",
"versions": [
{
"status": "affected",
"version": "\u003c 7.1.2-25"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401: Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T22:07:06.566Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j989-f892-2335",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j989-f892-2335"
}
],
"source": {
"advisory": "GHSA-j989-f892-2335",
"discovery": "UNKNOWN"
},
"title": "ImageMagick: Memory Leak in wand option parser when providing invalid arguments"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-53464",
"datePublished": "2026-06-10T22:07:06.566Z",
"dateReserved": "2026-06-09T16:31:21.495Z",
"dateUpdated": "2026-06-11T12:38:53.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation MIT-41
Implementation
Strategy: Libraries or Frameworks
- Choose a language or tool that provides automatic memory management, or makes manual memory management less error-prone.
- For example, glibc in Linux provides protection against free of invalid pointers.
- When using Xcode to target OS X or iOS, enable automatic reference counting (ARC) [REF-391].
- To help correctly and consistently manage memory when programming in C++, consider using a smart pointer class such as std::auto_ptr (defined by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr (specified by an upcoming revision of the C++ standard, informally referred to as C++ 1x), or equivalent solutions such as Boost.
Mitigation
Architecture and Design
Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Architecture and Design
Build and Compilation
Consider using the Boehm-Demers-Weiser garbage collector (bdwgc), which can help avoid leaks.
No CAPEC attack patterns related to this CWE.