Vulnerability Details CVE-2026-21487
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below have an Out-of-bounds Read, Use of Out-of-range Pointer Offset and have Improper Input Validation in its CIccProfile::LoadTag function. This issue is fixed in version 2.3.1.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.4%
CVSS Severity
CVSS v3 Score 6.1
References