CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-21493

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Type Confusion in its CIccSingleSampledeCurveXml class during XML Curve Serialization. This issue is fixed in version 2.3.1.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.5%

CVSS Severity

CVSS v3 Score 6.6

References

https://github.com/InternationalColorConsortium/iccDEV/commit/7ff76d1471077172f9659de8d9536443eac7c48f
https://github.com/InternationalColorConsortium/iccDEV/issues/358
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-p85g-f9q7-jmjx

Products affected by CVE-2026-21493

Color » Iccdev » Version: Any

cpe:2.3:a:color:iccdev:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-21493

Products

Pricing

Contact Us