CVE-2026-34537

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccOpDefEnvVar::Exec due to invalid enum values being loaded for icSigCmmEnvVar. The issue is observable under UBSan a...

CVE-2026-34533

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccCalculatorFunc::ApplySequence due to invalid enum values being loaded for icChannelFuncSignature. The issue is...

CVE-2026-34552 iccDEV: UB at IccTagLut.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in versio...

CVE-2026-34552

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in versio...

CVE-2026-34552 iccDEV: UB at IccTagLut.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in versio...

EUVD-2026-17717

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in versio...

CVE-2026-34552

The iccDEV CVE-2026-34552 affects the IccTagLut.cpp path, where a null pointer dereference of type CIccApplyCLUT can trigger Undefined Behavior. This occurs in versions prior to 2.3.1.6 and has been fixed in 2.3.1.6. The issue is rooted in member access through a null pointer in that file, leadin...

CVE-2026-34552 iccDEV: UB at IccTagLut.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in versio...

CVE-2026-34550 iccDEV: UB at IccIO.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccProfLib/IccIO.cpp caused by an implicit conversion from a negative signed integer to sizet unsigned, which changes the value. Th...

EUVD-2026-17715

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccProfLib/IccIO.cpp caused by an implicit conversion from a negative signed integer to sizet unsigned, which changes the value. Th...

CVE-2026-34550

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccProfLib/IccIO.cpp caused by an implicit conversion from a negative signed integer to sizet unsigned, which changes the value. Th...

CVE-2026-34550

CVE-2026-34550 affects iccDEV libraries (IccIO.cpp) with an Undefined Behavior due to an implicit conversion from a negative signed integer to size_t, changing the value. AFFECTED: iccDEV prior to version 2.3.1.6. IMPACT: UB in IccProfLib/IccIO.cpp; no exploitation details provided. REMEDIATION: ...

CVE-2026-34549 iccDEV: UB at IccUtil.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...

CVE-2026-34549

iccDEV contains an Undefined Behavior in IccUtil.cpp caused by invalid left shift on icUInt32Number when processing a crafted ICC profile. Affects versions prior to 2.3.1.6; the issue is fixed in 2.3.1.6. Public references indicate the UB is reported under UndefinedBehaviorSanitizer. There is no ...

CVE-2026-34549

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...

CVE-2026-34549 iccDEV: UB at IccUtil.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...

CVE-2026-34549 iccDEV: UB at IccUtil.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...

EUVD-2026-17714

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...

EUVD-2026-17713

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in the XML conversion tooling path iccToXml caused by an implicit conversion from a negative signed integer to icUInt32Number unsigned...

CVE-2026-34548

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in the XML conversion tooling path iccToXml caused by an implicit conversion from a negative signed integer to icUInt32Number unsigned...