CVE-2026-34554 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5 JSON Configuration IccCmmSearch.cpp costFunc out-of-bounds (ID 700)

Inserito da Angelo Barbosa | Apr 1, 2026 | CVE

A vulnerability, which was classified as problematic, was found in InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5. This vulnerability affects the function CIccApplyCmmSearch::costFunc in the library IccProfLib/IccCmmSearch.cpp of the component JSON Configuration Handler. Such manipulation leads to out-of-bounds read.

This vulnerability is documented as CVE-2026-34554. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.

CVE-2026-34554 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5 JSON Configuration IccCmmSearch.cpp costFunc out-of-bounds (ID 700)

Post correlati

CVE-2025-40912 | MIK CryptX up to 0.064 on Perl LibTomCrypt vulnerable third-party component (Issue 507)

CVE-2024-33515 | Aruba ArubaOS up to 8.10.0.10/8.11.2.1/10.4.1.0/10.5.1.0 AP Management Service denial of service (ARUBA-PSA-2024-004)

CVE-2023-51784 | Apache InLong up to 1.9.0 code injection

CVE-2026-2097 | Flowring Agentflow unrestricted upload