CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-21488

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.7%

CVSS Severity

CVSS v3 Score 6.1

References

https://github.com/InternationalColorConsortium/iccDEV/commit/9daaccceb231c43db8cab312ee5bbe9d2aa6b153
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-4j2g-rvv4-86vg

Products affected by CVE-2026-21488

Color » Iccdev » Version: Any

cpe:2.3:a:color:iccdev:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-21488

Products

Pricing

Contact Us