EUVD-2026-1389

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in CIccProfileXml::ParseBasic at...

CVE-2026-21689 iccDEV has Type Confusion in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cpp

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in CIccProfileXml::ParseBasic at...

CVE-2026-21688

CVE-2026-21688 affects iccDEV prior to 2.3.1.2. A Type Confusion vulnerability exists in the SIccCalcOp::ArgsPushed() function located at IccProfLib/IccMpeCalc.cpp, impacting users processing ICC color profiles. The referenced patches/updates indicate a fix in version 2.3.1.2; no public workaroun...

CVE-2026-21688 iccDEV has Type Confusion in SIccCalcOp::ArgsPushed() at IccProfLib/IccMpeCalc.cpp

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in SIccCalcOp::ArgsPushed at IccProfLib/IccMpeCalc.cpp. This...

CVE-2026-21688 iccDEV has Type Confusion in SIccCalcOp::ArgsPushed() at IccProfLib/IccMpeCalc.cpp

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in SIccCalcOp::ArgsPushed at IccProfLib/IccMpeCalc.cpp. This...

CVE-2026-21687

iccDEV versions prior to 2.3.1.2 contain Undefined Behavior in CIccTagCurve::CIccTagCurve() when processing ICC color profiles. Version 2.3.1.2 contains a patch. Affected users should update to 2.3.1.2 or later. No exploitation details are provided in the documents; the vulnerability is described...

EUVD-2026-1393

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagCurve::CIccTagCurve. This vulnerability affects users of the iccD...

CVE-2026-21687 iccDEV has Undefined Behavior in CIccTagCurve::CIccTagCurve()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagCurve::CIccTagCurve. This vulnerability affects users of the iccD...

CVE-2026-21687 iccDEV has Undefined Behavior in CIccTagCurve::CIccTagCurve()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagCurve::CIccTagCurve. This vulnerability affects users of the iccD...

CVE-2026-21686

CVE-2026-21686 affects iccDEV: prior to 2.3.1.2, there is Undefined Behavior in CIccTagLutAtoB::Validate() when processing ICC color profiles. A patch exists in version 2.3.1.2. Affected users should upgrade to 2.3.1.2 or later. Public references consistently describe the issue as an undefined be...

CVE-2026-21686 iccDEV has Undefined Behavior in CIccTagLutAtoB::Validate()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLutAtoB::Validate. This vulnerability affects users of the iccDEV...

CVE-2026-21686 iccDEV has Undefined Behavior in CIccTagLutAtoB::Validate()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLutAtoB::Validate. This vulnerability affects users of the iccDEV...

CVE-2026-21684

iccDEV is affected in versions prior to 2.3.1.2, where Undefined Behavior occurs in CIccTagSpectralViewingConditions(). A patch is available in version 2.3.1.2. The vulnerability affects users processing ICC color profiles with iccDEV. No explicit exploitation details or in-the-wild activity are ...

CVE-2026-21684 iccDEV has Undefined Behavior in CIccTagSpectralViewingConditions()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagSpectralViewingConditions. This vulnerability affects users of th...

CVE-2026-21683

CVE-2026-21683 affects iccDEV: versions prior to 2.3.1.2 contain a Type Confusion in icStatusCMM::CIccEvalCompare::EvaluateProfile() when processing ICC color profiles. Version 2.3.1.2 provides a patch; no workarounds are documented. The vulnerability impact is indicated as high (per CVSS), but e...

CVE-2026-21683 iccDEV has Type Confusion in icStatusCMM::CIccEvalCompare::EvaluateProfile()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in icStatusCMM::CIccEvalCompare::EvaluateProfile. This...

CVE-2026-21682 iccDEV has heap-buffer-overflow in CIccXmlArrayType::ParseText()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow in CIccXmlArrayType::ParseText. This vulnerability affects users of the...

CVE-2026-21682 iccDEV has heap-buffer-overflow in CIccXmlArrayType::ParseText()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow in CIccXmlArrayType::ParseText. This vulnerability affects users of the...

CVE-2026-21682

ICCDEV versions prior to 2.3.1.2 contain a heap-buffer-overflow in CIccXmlArrayType::ParseText(). The vulnerability affects users processing ICC color profiles. Version 2.3.1.2 includes a patch; no workarounds are documented. Practical impact and exploit details are not provided in the connected ...

CVE-2026-21682 iccDEV has heap-buffer-overflow in CIccXmlArrayType::ParseText()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow in CIccXmlArrayType::ParseText. This vulnerability affects users of the...