CVE-2026-25584 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2 ICC File Parser GetValues memory corruption (ID 551)

Inserito da Angelo Barbosa | Feb 5, 2026 | CVE

A vulnerability was found in InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2. It has been rated as critical. This affects the function CIccTagFloatNum<>::GetValues of the component ICC File Parser. This manipulation causes memory corruption.

This vulnerability is tracked as CVE-2026-25584. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.

CVE-2026-25584 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2 ICC File Parser GetValues memory corruption (ID 551)

Post correlati

CVE-2023-46712 | Fortinet FortiPortal up to 7.0.6/7.2.1 HTTP Request access control (FG-IR-23-395)

CVE-2024-0869 | Instant Images Plugin up to 6.1.0 on WordPress Options Update improper authentication

CVE-2025-48995 | XML-Security signxml up to 4.0.3 timing discrepancy (GHSA-gmhf-gg8w-jw42)

CVE-2024-25121 | TYPO3 Persisting File Abstraction Layer access control