Memory leak in ImageMagick - #VU135694
Published: June 29, 2026
ImageMagick
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to missing release of memory after effective lifetime in the TIFF encoder when processing an invalid tiff:tile-geometry value. A remote attacker can trick the victim into processing a crafted file to cause a denial of service.
User interaction is required to process the crafted input.