CVE-2026-24409 | InternationalColorConsortium iccDEV up to 2.3.1.1/2.3.1.2 ParseXml input validation (ID 484)

Inserito da Angelo Barbosa | Gen 24, 2026 | CVE

A vulnerability, which was classified as critical, has been found in InternationalColorConsortium iccDEV up to 2.3.1.1/2.3.1.2. The affected element is the function CIccTagXmlFloatNum<>::ParseXml. Performing a manipulation results in improper input validation.

This vulnerability is reported as CVE-2026-24409. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2026-24409 | InternationalColorConsortium iccDEV up to 2.3.1.1/2.3.1.2 ParseXml input validation (ID 484)

Post correlati

CVE-2024-0854 | Synology DiskStation Manager prior 7.2.1-69057-2 File Access redirect (SA_24_02)

CVE-2025-54480 | Biosig libbiosig 3.9.0 MFER Parser biosig.c stack-based overflow (TALOS-2025-2234)

CVE-2025-8332 | code-projects Online Farm System 1.0 /register.php Username sql injection

CVE-2025-15116 | OpenCart up to 4.1.0.3 Single-Use Coupon race condition