CVE-2026-30937: ImageMagick has heap buffer overflow in WriteXWDImage due to CARD32 arithmetic overflow in bytes_per_line calculation

March 12, 2026

A 32-bit unsigned integer overflow in the XWD (X Windows) encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of bounds heap write can occur.

=================================================================
==741961==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000083dc at pc 0x56553b4c4245 bp 0x7ffd9d20fef0 sp 0x7ffd9d20fee0
WRITE of size 1 at 0x5020000083dc thread T0

References

github.com/ImageMagick/ImageMagick
github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qpg4-j99f-8xcg
github.com/advisories/GHSA-qpg4-j99f-8xcg
nvd.nist.gov/vuln/detail/CVE-2026-30937

Code Behaviors & Features

Detect and mitigate CVE-2026-30937 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →