CVE-2026-21492

5.5 MEDIUM

📋 TL;DR

CVE-2026-21492 is a NULL pointer dereference vulnerability in iccDEV library versions before 2.3.1.2 that could cause application crashes or denial of service when processing malicious ICC color profiles. This affects any software using iccDEV for color management operations. The vulnerability requires processing untrusted ICC profiles to be exploitable.

💻 Affected Systems

Products:
  • iccDEV library
  • Applications using iccDEV for ICC profile processing
Versions: All versions prior to 2.3.1.2
Operating Systems: All platforms where iccDEV is used
Default Config Vulnerable: ⚠️ Yes
Notes: Only vulnerable when processing ICC color profiles through affected iccDEV library functions

⚠️ Risk & Real-World Impact

🔴 Worst Case: Application crash leading to denial of service, potentially causing data loss or service disruption in color-critical applications
🟠 Likely Case: Application crash or unexpected termination when processing malformed ICC profiles
🟢 If Mitigated: Minimal impact if proper input validation and error handling are implemented

🌐 Internet-Facing: LOW - Requires processing of malicious ICC profiles, which are not commonly transmitted over internet-facing services
🏢 Internal Only: MEDIUM - Internal applications processing untrusted ICC files could experience crashes

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires providing a malicious ICC profile to vulnerable software

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.3.1.2

Vendor Advisory: https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-xpq3-v3jj-mgvx

Restart Required: Yes

Instructions:

1. Update iccDEV library to version 2.3.1.2 or later
2. Recompile any applications using iccDEV with the updated library
3. Restart affected applications

🔧 Temporary Workarounds

Input validation (all): Implement strict validation of ICC profile files before processing
Sandbox processing (all): Isolate ICC profile processing in separate containers or sandboxes

🧯 If You Can't Patch

  • Implement strict file validation for all ICC profile inputs
  • Monitor application logs for crashes related to ICC profile processing

🔍 How to Verify

Check if Vulnerable:

Check if applications link to iccDEV library version < 2.3.1.2

Check Version:

Run ldd <application> | grep iccDEV, or check the library version in your package manager

Verify Fix Applied:

Verify iccDEV library version is 2.3.1.2 or later and applications have been recompiled

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing ICC files
  • Segmentation faults in color management functions

Network Indicators:

  • Unusual ICC profile file transfers to vulnerable systems

SIEM Query:

Application logs containing 'segmentation fault' AND 'icc' OR 'color profile'
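An added example, not part of this advisory or of the iccDEV project, as a POSIX shell script covering the "How to Verify" version check and the SIEM query above: a component-wise comparison against the fixed release 2.3.1.2, and a log filter run over constructed sample lines. It assumes dotted numeric version strings (obtaining the installed version, from ldd output or the package manager, is left to the caller) and reads the query as 'segmentation fault' AND ('icc' OR 'color profile'), which is an assumption since the page leaves the precedence open.

```shell
#!/bin/sh
# Added example, not from the advisory or from iccDEV. Assumes dotted numeric
# version strings (e.g. 2.3.1.2); how the string is obtained is up to the caller.

FIXED_VERSION="2.3.1.2"   # first fixed release named in the advisory

# vercmp_ge A B: exit 0 when version A >= B, comparing components numerically so
# that 2.3.1.10 ranks above 2.3.1.2 (a plain string compare would get this wrong).
vercmp_ge() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    ax=${a%%.*}; bx=${b%%.*}                 # leading component of each side
    if [ "$ax" = "$a" ]; then a=""; else a=${a#*.}; fi
    if [ "$bx" = "$b" ]; then b=""; else b=${b#*.}; fi
    ax=${ax:-0}; bx=${bx:-0}                 # missing components count as 0
    if [ "$ax" -gt "$bx" ]; then return 0; fi
    if [ "$ax" -lt "$bx" ]; then return 1; fi
  done
  return 0                                   # all components equal
}

# classify_iccdev_version VERSION: prints "fixed" or "vulnerable" per the advisory's
# threshold (anything below 2.3.1.2 is affected).
classify_iccdev_version() {
  if vercmp_ge "$1" "$FIXED_VERSION"; then echo fixed; else echo vulnerable; fi
}

# match_icc_crash_lines: filters stdin to lines matching the SIEM query read as
# 'segmentation fault' AND ('icc' OR 'color profile'), case-insensitively.
# That precedence is an assumption; the advisory leaves it ambiguous.
match_icc_crash_lines() {
  grep -i 'segmentation fault' | grep -i -E 'icc|color profile'
}

# Constructed sample log lines (not real output); lines 1 and 3 should match.
SAMPLE_LOG='Jan 10 12:00:01 host app[123]: segmentation fault while parsing ICC profile
Jan 10 12:00:02 host app[123]: segmentation fault in network thread
Jan 10 12:00:03 host app[124]: Segmentation fault applying color profile
Jan 10 12:00:04 host app[125]: loaded icc profile ok'

# count_icc_crash_lines: number of SAMPLE_LOG lines the filter keeps (expected: 2).
count_icc_crash_lines() {
  printf '%s\n' "$SAMPLE_LOG" | match_icc_crash_lines | wc -l | tr -d ' '
}

classify_iccdev_version "2.3.1.1"   # prints: vulnerable
count_icc_crash_lines               # prints: 2
```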
