Introduction
A heap buffer overflow in ImageMagick's MVG (Magick Vector Graphics) decoder allows unauthenticated attackers to crash image processing services by submitting a single crafted image file. Given that ImageMagick is embedded in web backends, content management systems, and automated pipelines across the internet, this CVSS 7.5 vulnerability represents a meaningful availability risk for any service that processes untrusted image uploads with the MVG coder enabled.
Technical Information
CVE-2026-33901 is rooted in insufficient bounds checking within the MVG decoder, specifically in the RenderMVGContent function located in MagickCore/draw.c. The vulnerability is classified under CWE-122 (Heap-based Buffer Overflow) and CWE-787 (Out-of-bounds Write). When ImageMagick parses a maliciously crafted MVG image, the decoder writes data past the end of an allocated heap buffer, leading to memory corruption.
The Vulnerable Code Path
Before the fix, the RenderMVGContent function performed only a NULL pointer check on the variable q during MVG content parsing. This was insufficient to prevent writes beyond the allocated MagickPathExtent boundary. The patch, implemented in commit 4c72003e9e54a4ebaa938d239e75f5d285527ebe, adds an explicit length validation:
```c
if ((q == (char *) NULL) || ((q - p + 4 + 1) > MagickPathExtent))
  {
    status = MagickFalse;
    break;
  }
```
The new condition ((q - p + 4 + 1) > MagickPathExtent) ensures that the distance between the current write position and the start of the buffer, plus the bytes about to be written, does not exceed the defined boundary. If a crafted input attempts to push past this limit, the function safely terminates by setting status to MagickFalse and breaking out of the processing loop.
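The effect of that condition at the buffer boundary, as an added example that is not ImageMagick's code: `append4_checked` and `fill_until_rejected` are hypothetical helpers that model the description above (p is the buffer start, q the write cursor, 4 bytes plus a terminator about to be written). The `MagickPathExtent` value and the `MagickBooleanType` enum are stand-ins defined here so the file builds on its own.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-ins so this file builds without ImageMagick headers (assumed values). */
#define MagickPathExtent 4096
typedef enum { MagickFalse = 0, MagickTrue = 1 } MagickBooleanType;

/* Hypothetical helper: write 4 bytes of src plus a NUL at cursor q, inside a
   buffer that starts at p and holds MagickPathExtent bytes. */
static MagickBooleanType append4_checked(char *p, char *q, const char *src)
{
  /* Same test as the patched line: refuse before writing, not after. */
  if ((q == (char *) NULL) || ((q - p + 4 + 1) > MagickPathExtent))
    return MagickFalse;
  memcpy(q, src, 4);
  q[4] = '\0';
  return MagickTrue;
}

/* Append until the check refuses, as an oversized input would force.
   Returns the number of payload bytes stored (the NUL is not counted). */
static size_t fill_until_rejected(char *buf)
{
  char *q = buf;

  while (append4_checked(buf, q, "ABCD") == MagickTrue)
    q += 4;
  return (size_t) (q - buf);
}

int main(void)
{
  char *buf = malloc(MagickPathExtent);

  if (buf == NULL)
    return 1;
  printf("stored %zu of %d bytes before the check stopped the loop\n",
         fill_until_rejected(buf), MagickPathExtent);
  free(buf);
  return 0;
}
```

The last accepted cursor offset is `MagickPathExtent - 5`, which places the terminator in the final byte of the buffer; one byte further and the write is refused.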
CVSS Vector Breakdown
The CVSS 3.1 base score of 7.5 reflects the following characteristics:
| Metric | Value | Notes |
|---|---|---|
| Attack Vector | Network | Triggerable remotely via uploaded files |
| Attack Complexity | Low | No advanced conditions required |
| Privileges Required | None | Unauthenticated users can trigger the flaw |
| User Interaction | None | Processing the file is sufficient |
| Availability Impact | High | Application crash or denial of service |
| Confidentiality Impact | None | No data exfiltration risk from this vector |
| Integrity Impact | None | No data modification risk |
Attack Flow
An attacker targeting this vulnerability would follow a straightforward path:
- Craft a malicious MVG image file designed to produce input that exceeds the MagickPathExtent boundary during parsing in RenderMVGContent.
- Submit the crafted file to any service that accepts image uploads and processes them through a vulnerable version of ImageMagick with the MVG coder enabled. This could be a web application's image upload endpoint, a CMS thumbnail generator, or a backend worker queue.
- When ImageMagick processes the file, the heap buffer overflow triggers, causing the process to crash. Repeated submissions could sustain a denial of service condition.
Dependency Impact
The attack surface is not limited to direct ImageMagick installations. Wrapper libraries that bundle or depend on ImageMagick are equally affected. The popular .NET wrapper Magick.NET explicitly references this vulnerability (GHSA-x9h5-r9v2-vcww) in its release notes and requires an update to version 14.12.0 to incorporate the upstream fix. Similar exposure exists for any language binding or container image that ships a vulnerable ImageMagick version.
Affected Systems and Versions
The following components and version ranges are affected:
| Component | Vulnerable Versions | Fixed Versions |
|---|---|---|
| ImageMagick 7.x | All versions below 7.1.2-19 | 7.1.2-19 |
| ImageMagick 6.x | All versions below 6.9.13-44 | 6.9.13-44 |
| Magick.NET | All versions below 14.12.0 | 14.12.0 |
Any application, container image, or CI/CD pipeline that includes an unpatched version of these components and processes untrusted MVG input is vulnerable.
For environments where immediate patching is not possible, disabling the MVG coder via ImageMagick's policy.xml is an effective interim mitigation:
```xml
<policymap>
  <policy domain="coder" rights="none" pattern="MVG" />
</policymap>
```
Additional hardening measures include restricting ImageMagick to web-safe formats (GIF, JPEG, PNG), enforcing resource limits, sandboxing the process, and validating magic bytes on all uploaded files before processing.
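One way to implement the magic-byte check for the three web-safe formats named above, as an added example that is not part of the original advisory: `sniff_websafe` and `coder_prefix` are hypothetical names, and both sample buffers are constructed. The returned prefix relies on ImageMagick's `format:filename` syntax, so the caller names the decoder itself instead of leaving the choice to format detection.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef enum { FMT_REJECT = 0, FMT_GIF, FMT_JPEG, FMT_PNG } upload_format;

/* Classify an upload by its leading bytes only; the file name and the
   Content-Type header are attacker-controlled and are not consulted. */
static upload_format sniff_websafe(const unsigned char *data, size_t len)
{
  static const unsigned char png[8] = {0x89,'P','N','G',0x0D,0x0A,0x1A,0x0A};
  static const unsigned char jpeg[3] = {0xFF,0xD8,0xFF};

  if (data == NULL)
    return FMT_REJECT;
  if (len >= sizeof(png) && memcmp(data, png, sizeof(png)) == 0)
    return FMT_PNG;
  if (len >= sizeof(jpeg) && memcmp(data, jpeg, sizeof(jpeg)) == 0)
    return FMT_JPEG;
  if (len >= 6 && (memcmp(data, "GIF87a", 6) == 0 ||
                   memcmp(data, "GIF89a", 6) == 0))
    return FMT_GIF;
  return FMT_REJECT; /* default deny: MVG text and everything else */
}

/* Prefix to put in front of the path handed to ImageMagick, or NULL to drop
   the upload without processing it. */
static const char *coder_prefix(upload_format f)
{
  switch (f) {
    case FMT_GIF:  return "gif:";
    case FMT_JPEG: return "jpeg:";
    case FMT_PNG:  return "png:";
    default:       return NULL;
  }
}

/* Constructed samples: a PNG header, and benign MVG text uploaded as "x.png". */
static const unsigned char sample_png[] =
  {0x89,'P','N','G',0x0D,0x0A,0x1A,0x0A,0,0,0,0x0D,'I','H','D','R'};
static const unsigned char sample_mvg[] =
  "push graphic-context\nviewbox 0 0 10 10\npop graphic-context\n";

int main(void)
{
  const char *p = coder_prefix(sniff_websafe(sample_mvg, sizeof(sample_mvg) - 1));
  printf("MVG text uploaded as x.png: %s\n", p ? p : "rejected");
  return 0;
}
```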
Vendor Security History
ImageMagick's extensive format support has historically been a source of security issues. The most significant prior incident was CVE-2016-3714, widely known as "ImageTragick," which allowed remote code execution through improper sanitization of shell commands during image processing. That vulnerability prompted widespread adoption of policy.xml hardening, with the vendor and security community specifically recommending that the MVG, EPHEMERAL, URL, and MSL coders be disabled on public-facing services.
The appearance of CVE-2026-33901 in the same MVG decoder a decade later underscores that the MVG coder remains a high-risk component. Organizations that followed the post-ImageTragick guidance to disable MVG processing would already be protected against this new vulnerability, reinforcing the value of a default-deny policy for non-essential image formats.



