CVE-2026-34537 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5 ICC Color Profile CIccOpDefEnvVar::Exec reliance on undefined, unspecified, or implementation-defined behavior (ID 670)

Inserito da Angelo Barbosa | Apr 1, 2026 | CVE

A vulnerability was found in InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5. It has been declared as problematic. The impacted element is the function CIccOpDefEnvVar::Exec of the component ICC Color Profile Handler. The manipulation results in reliance on undefined, unspecified, or implementation-defined behavior.

This vulnerability is known as CVE-2026-34537. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-34537 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5 ICC Color Profile CIccOpDefEnvVar::Exec reliance on undefined, unspecified, or implementation-defined behavior (ID 670)

Post correlati

CVE-2024-21513 | langchain-experimental up to 0.0.20 Database eval code injection

CVE-2024-8655 | Mercury MNVR816 up to 2.0.1.0.5 /web-static/ file access

CVE-2023-48334 | League Table Plugin up to 1.13 on WordPress cross-site request forgery

CVE-2025-9784 | Red Hat Undertow HTTP/2 MadeYouReset denial of service