CVE-2026-34542

CVE-2026-34542 affects iccDEV before version 2.3.1.6, where a crafted ICC profile can trigger a stack-buffer-overflow in CIccCalculatorFunc::Apply() when processed via iccApplyNamedCmm. Under AddressSanitizer this appears as a 4-byte write stack-buffer-overflow in IccProfLib/IccMpeCalc.cpp:3873, ...

CVE-2026-31795 iccDEV has a stack buffer overflow write in CIccXform3DLut::Apply()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow write in CIccXform3DLut::Apply corrupting stack memory or crash. This vulnerability is fixed in 2.3.1.5...

CVE-2026-25634

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to 2.3.1.4, SrcPixel and DestPixel stack buffers overlap in CIccTagMultiProcessElement::Apply int IccTagMPE.cpp. This vulnerability is fixed in 2.3.1....

CVE-2026-25634 iccDEV memcpy-param-overlap in CIccTagMultiProcessElement::Apply()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to 2.3.1.4, SrcPixel and DestPixel stack buffers overlap in CIccTagMultiProcessElement::Apply int IccTagMPE.cpp. This vulnerability is fixed in 2.3.1....

Image-Processing 安全漏洞

Image-Processing is an image-processing code repository that uses C. A security vulnerability exists in Image-Processing versions prior to 1.12.2 that stems from the use of unprocessed user input in the apply method, which allows an attacker to execute system commands...