CVE-2026-56363
Severity: Low (CVSS 3.3)
Exploitation Probability (EPSS): Low risk, 2nd percentile (higher than 2% of all known CVEs)
Summary
In ImageMagick before version 7.1.2-22, a division by zero vulnerability exists in binomial kernel processing. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash.
Risk Assessment
The risk is denial of service (DoS): a crafted image can crash the application, potentially disrupting services.
Recommendation
Immediately upgrade ImageMagick to version 7.1.2-22 or later, which includes a fix for this vulnerability.
Original NVD description (English source)
ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash.
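The overflow-to-zero mechanism in the description above, shown as an added example; it is not ImageMagick's code and not part of the original advisory. It assumes, for illustration only, that binomial coefficients are computed from factorials in 64-bit unsigned integers, and all function names are hypothetical.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Unsigned arithmetic wraps mod 2^64: wrong from 21! on, exactly 0 from 66! on. */
static uint64_t fact_wrapping(uint64_t n)
{
  uint64_t f = 1;
  for (uint64_t i = 2; i <= n; i++)
    f *= i;
  return f;
}

/* Divisor of the naive form n! / (k! * (n-k)!). Assumed pattern, for illustration. */
static uint64_t naive_divisor(uint64_t n, uint64_t k)
{
  return fact_wrapping(k) * fact_wrapping(n - k);
}

/* Hardened form: multiplicative formula, no factorials, no division by a
   wrapped value. Returns 0 and stores C(n,k) in *out, or -1 if k > n or an
   intermediate product would exceed 64 bits (conservative rejection). */
static int binomial_checked(uint64_t n, uint64_t k, uint64_t *out)
{
  if (k > n)
    return -1;
  if (k > n - k)
    k = n - k;                      /* C(n,k) == C(n,n-k) */
  uint64_t c = 1;
  for (uint64_t i = 1; i <= k; i++) {
    uint64_t m = n - k + i;
    if (c > UINT64_MAX / m)
      return -1;                    /* would overflow: reject the input */
    c = c * m / i;                  /* exact: c is C(n-k+i, i) after this */
  }
  *out = c;
  return 0;
}

int main(void)
{
  uint64_t v = 0;
  printf("naive divisor for n=70,k=35: %" PRIu64 "\n", naive_divisor(70, 35));
  if (binomial_checked(70, 35, &v) != 0)
    puts("checked: n=70,k=35 rejected (does not fit in 64 bits)");
  if (binomial_checked(52, 5, &v) == 0)
    printf("checked: C(52,5) = %" PRIu64 "\n", v);
  return 0;
}
```

The wrapped divisor reaches zero well before any single factorial does (35! times 35! already carries 64 factors of two), so bounding the order before any arithmetic is the reliable guard.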

