CVE-2026-21678 iccDEV has heap-buffer-overflow vulnerability on IccTagXml()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap-buffer-overflow vulnerability in IccTagXml. This issue has been patched in version 2.3.1.2...

CVE-2026-21678 iccDEV has heap-buffer-overflow vulnerability on IccTagXml()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap-buffer-overflow vulnerability in IccTagXml. This issue has been patched in version 2.3.1.2...

CVE-2026-21506

CVE-2026-21506 (iccDEV) concerns a null pointer dereference in CIccProfileXml::ParseBasic() affecting iccDEV versions prior to 2.3.1.2, leading toDenial of Service. The issue is confirmed across multiple sources (Red Hat advisory, NVD entry, CVE records) and is documented as a vulnerability in th...

CVE-2026-21506 iccDEV is Vulnerable to Null Pointer Dereference in CIccProfileXml::ParseBasic() Leading to Denial of Service

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to Null pointer dereference in CIccProfileXml::ParseBasic, leading to denial of service. This issue has been...

CVE-2026-21505 iccDEV has Undefined Behavior (UB) - Invalid Enum Value

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to an invalid enum value. This issue has been patched in version 2.3.1.2...

CVE-2026-21505 iccDEV has Undefined Behavior (UB) - Invalid Enum Value

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to an invalid enum value. This issue has been patched in version 2.3.1.2...

CVE-2026-21505 iccDEV has Undefined Behavior (UB) - Invalid Enum Value

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to an invalid enum value. This issue has been patched in version 2.3.1.2...

CVE-2026-21503

iccDEV is affected by undefined behavior prior to version 2.3.1.2 due to a null pointer passed to memcpy() in CIccTagSparseMatrixArray. The issue has been patched in version 2.3.1.2. Affected scope: iccDEV library/tooling for ICC color management profiles. Impact is defined as undefined behavior ...

CVE-2026-21503 iccDEV has Undefined Behavior - Null Pointer Passed to memcpy() in CIccTagSparseMatrixArray

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to a null pointer passed to memcpy in CIccTagSparseMatrixArray. This issue has been patched in...

CVE-2026-21504 Heap Buffer Overflow in iccDEV ToneMap Parser

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap buffer overflow in the ToneMap parser. This issue has been patched in version 2.3.1.2...

CVE-2026-21504 Heap Buffer Overflow in iccDEV ToneMap Parser

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap buffer overflow in the ToneMap parser. This issue has been patched in version 2.3.1.2...

CVE-2026-21502 NULL Pointer Dereference in iccDEV XML Tag Parser

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML tag parser. This issue has been patched in version 2.3.1.2...

CVE-2026-21502 NULL Pointer Dereference in iccDEV XML Tag Parser

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML tag parser. This issue has been patched in version 2.3.1.2...

CVE-2026-21502 NULL Pointer Dereference in iccDEV XML Tag Parser

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML tag parser. This issue has been patched in version 2.3.1.2...

CVE-2026-21500

iccDEV before 2.3.1.2 is affected by a stack overflow in the XML calculator macro expansion. This vulnerability allows local exploitation with user interaction and has a base CVSSv3.1 score of 7.8 (HIGH). The issue is patched in 2.3.1.2. Affected component: the XML calculator macro expansion in i...

CVE-2026-21500 Stack Overflow in iccDEV XML Calculator Macro Expansion

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to stack overflow in the XML calculator macro expansion. This issue has been patched in version 2.3.1.2...

CVE-2026-21500 Stack Overflow in iccDEV XML Calculator Macro Expansion

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to stack overflow in the XML calculator macro expansion. This issue has been patched in version 2.3.1.2...

CVE-2026-21500 Stack Overflow in iccDEV XML Calculator Macro Expansion

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to stack overflow in the XML calculator macro expansion. This issue has been patched in version 2.3.1.2...

CVE-2026-21499

CVE-2026-21499 affects iccDEV prior to 2.3.1.2, due to a NULL pointer dereference in the XML parser. The issue is documented as a vulnerability in iccDEV’s XML parsing path, with patch released in version 2.3.1.2. Impact is described as availability loss (A) with no confidentiality/integrity impa...

CVE-2026-21499 NULL Pointer Dereference in iccDEV XML Parser

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML parser. This issue has been patched in version 2.3.1.2...