CVE-2026-34556
CVE-2026-34556 affects the iccDEV library prior to 2.3.1.6. A heap-buffer-overflow in icAnsiToUtf8() within the XML conversion path is triggered by a crafted ICC profile, causing code that assumes null-termination to read past allocated memory (ASan reports an out-of-bounds READ of size 115 past ...