CVE-2026-21688 | InternationalColorConsortium iccDEV up to 2.3.1.2 ICC Color Profile IccMpeCalc.cpp SIccCalcOp::ArgsPushed input validation

Inserito da Angelo Barbosa | Gen 7, 2026 | CVE

A vulnerability has been found in InternationalColorConsortium iccDEV up to 2.3.1.2 and classified as critical. This affects the function SIccCalcOp::ArgsPushed in the library IccProfLib/IccMpeCalc.cpp of the component ICC Color Profile Handler. This manipulation causes improper input validation.

The identification of this vulnerability is CVE-2026-21688. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-21688 | InternationalColorConsortium iccDEV up to 2.3.1.2 ICC Color Profile IccMpeCalc.cpp SIccCalcOp::ArgsPushed input validation

Post correlati

CVE-2024-5042 | submariner-operator RBAC permission

CVE-2025-31366 | Fortinet FortiOS/FortiProxy up to 6.4.16/7.0.17/7.2.12/7.4.7/7.6.2 cross site scripting (FG-IR-24-542)

CVE-2024-22182 | Commend WS203VICM up to 1.7 Messages argument injection (icsa-24-051-01)

CVE-2025-59407 | Flock Safety Bravo Edge AI Compute Device 6.35.33 on Android com.flocksafety.android.objects flock_rye.bks hard-coded password