CVE-2026-30986
Received Received - Intake
Heap-Based Buffer Overflow in iccDEV ICC Profile Library Causes Crash

Publication date: 2026-03-10

Last updated on: 2026-03-13

Assigner: GitHub, Inc.

Description
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow write in CIccMatrixMath::SetRange() causing memory corruption or crash. This vulnerability is fixed in 2.3.1.5.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-10
Last Modified
2026-03-13
Generated
2026-06-16
AI Q&A
2026-03-10
EPSS Evaluated
2026-06-14
NVD
CVE-2026-30986
EUVD
EUVD-2026-10731
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
color iccdev to 2.3.1.5 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-30986 is a heap-based buffer overflow vulnerability in the iccDEV project, specifically in the function CIccCLUT::Interp3d() used for 3D interpolation within color lookup tables (CLUTs) in ICC profile processing.

The vulnerability occurs because the function attempts to access memory using an index that can be out-of-bounds, such as a negative value interpreted as an unsigned integer, leading to invalid memory access.

This causes memory corruption or application crashes (segmentation faults) during color management operations.

The issue was identified through fuzz testing and fixed by adding a clipping step that clamps negative input values to zero before interpolation, preventing the out-of-bounds access.

The fix was implemented in version 2.3.1.5 of iccDEV.

Impact Analysis

This vulnerability can lead to memory corruption or crashes of applications using the iccDEV library for ICC color profile processing.

An attacker with local access and the ability to trigger the vulnerable function (requiring user interaction) could cause denial of service by crashing the application.

The vulnerability does not impact confidentiality or integrity of data, but it has a high impact on availability.

Compliance Impact

I don't know

Detection Guidance

The vulnerability manifests as a heap buffer overflow in the function CIccCLUT::Interp3d(), causing memory corruption or a crash during ICC profile processing.

Detection can be performed by reproducing the crash using a specially crafted ICC profile file and running the iccApplyNamedCmm command with that profile, as documented in the issue report.

  • Use AddressSanitizer and UndefinedBehaviorSanitizer enabled builds to detect memory errors during execution.
  • Run the test case involving the ICC profile file named npd-CIccMpeCalculator-GetNewApply-IccMpeCalc_cpp-Line4929.icc with the iccApplyNamedCmm tool to trigger the vulnerability.
  • Monitor for segmentation faults or crashes in processes using iccDEV libraries for ICC profile processing.
Mitigation Strategies

The primary mitigation step is to upgrade the iccDEV package to version 2.3.1.5 or later, where the vulnerability has been fixed.

No workarounds are provided, so applying the official patch or updated release is necessary to prevent exploitation.

  • Update iccDEV to version 2.3.1.5 using package managers such as Homebrew, NPM, or Docker images as appropriate.
  • Avoid processing untrusted or malformed ICC profiles until the update is applied.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-30986. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart