CVE-2026-21487
Unknown Unknown - Not Provided
Out-of-Bounds Read in iccDEV CIccProfile::LoadTag Function

Publication date: 2026-01-06

Last updated on: 2026-01-06

Assigner: GitHub, Inc.

Description
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below have an Out-of-bounds Read, Use of Out-of-range Pointer Offset and have Improper Input Validation in its CIccProfile::LoadTag function. This issue is fixed in version 2.3.1.2.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-06
Last Modified
2026-01-06
Generated
2026-06-16
AI Q&A
2026-01-06
EPSS Evaluated
2026-06-15
NVD
CVE-2026-21487
EUVD
EUVD-2026-1154
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
internationalcolorconsortium iccdev to 2.3.1.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-823 The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in iccDEV versions 2.3.1.1 and below involves improper input validation in the CIccProfile::LoadTag function. Specifically, the function fails to properly validate ICC profile tag sizes and offsets, leading to out-of-bounds reads and use of out-of-range pointer offsets. This means the software might read memory outside the intended buffer, potentially causing crashes or other unexpected behavior. The issue was fixed by adding checks to ensure tag offsets and sizes are within valid boundaries before processing. [1, 2]

Impact Analysis

An attacker with local access and no privileges can exploit this vulnerability with low complexity, but user interaction is required. Exploitation can lead to denial of service by causing the application to crash or become unavailable due to out-of-bounds memory reads. The impact on confidentiality is low, there is no impact on integrity, but availability is highly impacted. [2]

Detection Guidance

This vulnerability relates to improper input validation and out-of-bounds reads in the iccDEV library when processing ICC color profiles. Detection would involve identifying usage of vulnerable iccDEV versions (2.3.1.1 and below) and analyzing ICC profile files for malformed tags that trigger the issue. Since the vulnerability is local and requires user interaction, network detection is limited. There are no specific detection commands provided in the resources. However, checking the installed iccDEV version and scanning for ICC profile files processed by the vulnerable library could help. No explicit commands are available from the provided information.

Mitigation Strategies

The immediate mitigation step is to upgrade the iccDEV library to version 2.3.1.2 or later, where the vulnerability is fixed by enhanced validation of ICC profile tag sizes in the CIccProfile::LoadTag function. This update prevents out-of-bounds reads and improper input validation by verifying tag offsets and sizes against the ICC profile header and file length. No workarounds are provided, so upgrading is the recommended action. [2, 1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-21487. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart