CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-22861

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Prior to 2.3.1.2, There is a heap-based buffer overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp. This vulnerability affects users of the iccDEV library who process ICC color profiles. The vulnerability is fixed in 2.3.1.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.5%

CVSS Severity

CVSS v3 Score 8.8

References

https://github.com/InternationalColorConsortium/iccDEV/commit/fa9a364c01fc2e59eb2291e1f9b1c1359b7d5329
https://github.com/InternationalColorConsortium/iccDEV/pull/475
https://github.com/InternationalColorConsortium/iccDEV/pull/476
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-vr49-3vf8-7j5h

Products affected by CVE-2026-22861

Color » Iccdev » Version: 2.2.50

cpe:2.3:a:color:iccdev:2.2.50
Color » Iccdev » Version: 2.2.6

cpe:2.3:a:color:iccdev:2.2.6
Color » Iccdev » Version: 2.3.1

cpe:2.3:a:color:iccdev:2.3.1
Color » Iccdev » Version: 2.3.1.1

cpe:2.3:a:color:iccdev:2.3.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-22861

Products

Pricing

Contact Us