CVE-2026-34534 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5 ICC Color Profile Describe heap-based overflow (ID 665)

Inserito da Angelo Barbosa | Apr 1, 2026 | CVE

A vulnerability was found in InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5 and classified as critical. Impacted is the function CIccMpeSpectralMatrix::Describe of the component ICC Color Profile Handler. Executing a manipulation can lead to heap-based buffer overflow.

This vulnerability appears as CVE-2026-34534. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-34534 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5 ICC Color Profile Describe heap-based overflow (ID 665)

Post correlati

CVE-2025-1063 | techlabpro1 Classified Listing Plugin up to 4.0.4 on WordPress rtcl_taxonomy_settings_export information disclosure

CVE-2024-26985 | Linux Kernel up to 6.8.7/6.9-rc4 DRM intel_fb_bo_framebuffer_init buffer overflow (7d8ac0942c31/652ead9b746a)

CVE-2024-0851 | Grup Arge Energy and Control Systems Smartpower up to 24.05.27 sql injection

CVE-2025-23213 | Tandoor recipes up to 1.5.27 unrestricted upload