CVE-2026-21491

6.1 MEDIUM

📋 TL;DR

A buffer overflow vulnerability in iccDEV's CIccTagTextDescription function allows attackers to execute arbitrary code or crash applications by processing specially crafted ICC color profiles. This affects all users of iccDEV library versions before 2.3.1.2 that handle untrusted ICC profiles.

💻 Affected Systems

Products:
  • iccDEV library
  • Applications using iccDEV for ICC profile processing
Versions: All versions prior to 2.3.1.2
Operating Systems: All platforms where iccDEV is used (Linux, Windows, macOS)
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers when processing ICC profiles with malformed text description tags.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠 Likely Case: Application crashes causing denial of service, potentially leading to data corruption in color-sensitive applications.

🟢 If Mitigated: Limited impact with proper input validation and memory protections, possibly just crashes.

🌐 Internet-Facing: MEDIUM - Exploitable if applications process user-uploaded ICC profiles, but requires specific workflow.
🏢 Internal Only: LOW - Typically requires local file access or specific application integration.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Requires crafting specific ICC profile files; no public exploit code available yet.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.3.1.2

Vendor Advisory: https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-4pv4-4x2x-6j88

Restart Required: Yes

Instructions:

1. Download iccDEV 2.3.1.2 from the official repository.
2. Replace the existing iccDEV installation.
3. Recompile any applications using iccDEV.
4. Restart affected services.

🔧 Temporary Workarounds

Input Validation

all

Implement strict validation of ICC profile files before processing
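
One way to implement this validation as a pre-parse gate (an added example, not iccDEV code and not the vendor's fix): it bounds-checks the ICC tag table and the declared lengths inside each `desc` (textDescriptionType) element against the bytes actually present. The page does not say which field triggers the overflow, so checking all three length fields is an assumption, and the function names are hypothetical.

```python
import struct

HEADER_LEN, TAG_ENTRY_LEN, SCRIPTCODE_MAX = 128, 12, 67

def check_text_description(body: bytes) -> list:
    """Bounds-check a textDescriptionType ('desc') element's declared lengths."""
    # Layout: 'desc', 4 reserved, u32 ASCII count, ASCII bytes, u32 Unicode
    # language code, u32 Unicode count, 2-byte chars, u16 ScriptCode code,
    # u8 ScriptCode count, 67-byte ScriptCode field.
    pos = 8
    if len(body) < pos + 4:
        return ["truncated before ASCII count"]
    ascii_len = struct.unpack_from(">I", body, pos)[0]
    pos += 4
    if ascii_len > len(body) - pos:
        return ["ASCII count exceeds tag size"]
    pos += ascii_len
    if len(body) < pos + 8:
        return ["truncated before Unicode count"]
    uni_len = struct.unpack_from(">I", body, pos + 4)[0]
    pos += 8
    if uni_len * 2 > len(body) - pos:
        return ["Unicode count exceeds tag size"]
    pos += uni_len * 2
    if len(body) < pos + 3:
        return ["truncated before ScriptCode count"]
    if body[pos + 2] > SCRIPTCODE_MAX:
        return ["ScriptCode count exceeds 67-byte field"]
    return []

def check_icc_profile(data: bytes) -> list:
    """Return structural problems found; an empty list means the checks passed."""
    if len(data) < HEADER_LEN + 4 or data[36:40] != b"acsp":
        return ["not an ICC profile (short file or missing 'acsp')"]
    problems = []
    if struct.unpack_from(">I", data, 0)[0] != len(data):
        problems.append("header size field does not match file length")
    count = struct.unpack_from(">I", data, HEADER_LEN)[0]
    table_end = HEADER_LEN + 4 + count * TAG_ENTRY_LEN
    if table_end > len(data):
        return problems + ["tag table runs past end of file"]
    for i in range(count):
        sig, off, size = struct.unpack_from(">4sII", data, HEADER_LEN + 4 + i * TAG_ENTRY_LEN)
        if off < table_end or off + size > len(data):
            problems.append(f"{sig!r}: offset/size outside file")
        elif (body := data[off:off + size])[:4] == b"desc":
            problems += [f"{sig!r}: {p}" for p in check_text_description(body)]
    return problems
```

Files that fail these checks should be rejected or quarantined before they reach iccDEV; the gate complements upgrading to 2.3.1.2 and does not replace it.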

🧯 If You Can't Patch

  • Restrict file uploads of ICC profiles to trusted sources only
  • Implement application sandboxing or memory protection mechanisms

🔍 How to Verify

Check if Vulnerable:

Check the installed iccDEV version; any version earlier than 2.3.1.2 is vulnerable. Review applications that use iccDEV.

Check Version:

iccdev --version or check library headers

Verify Fix Applied:

Confirm iccDEV version is 2.3.1.2 or higher; test with known malicious ICC profiles.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing ICC files
  • Memory access violation errors
  • Unusual file processing patterns

Network Indicators:

  • Uploads of ICC profile files to vulnerable endpoints

SIEM Query:

source="application.log" AND ("segmentation fault" OR "buffer overflow" OR "ICC profile")
