CVE-2026-21496

5.5 MEDIUM

📋 TL;DR

CVE-2026-21496 is a NULL pointer dereference vulnerability in iccDEV's signature parser that can cause denial of service. This affects applications using iccDEV libraries for ICC color profile processing. Users of iccDEV versions before 2.3.1.2 are vulnerable.

💻 Affected Systems

Products:
  • iccDEV library and tools
Versions: All versions before 2.3.1.2
Operating Systems: All platforms running iccDEV
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using iccDEV libraries to parse ICC color profiles is affected.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Application crash leading to denial of service, potentially disrupting color-critical workflows in design, printing, or imaging applications.

🟠 Likely Case

Application instability or crash when processing malformed ICC color profiles, requiring restart of affected software.

🟢 If Mitigated

Minimal impact with proper input validation and error handling in place; application may log errors but continue functioning.

🌐 Internet-Facing: LOW - Requires processing of attacker-controlled ICC files, typically not directly internet-exposed functionality.
🏢 Internal Only: MEDIUM - Internal applications processing untrusted ICC files could experience service disruption.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires providing a specially crafted ICC profile file to the vulnerable parser.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.3.1.2

Vendor Advisory: https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-wj8m-6w77-r4rw

Restart Required: Yes

Instructions:

1. Update iccDEV to version 2.3.1.2 or later.
2. Rebuild any applications using iccDEV libraries.
3. Restart affected services.

🔧 Temporary Workarounds

Input validation for ICC files
Platforms: all
Implement strict validation of ICC profile files before processing with iccDEV.

Sandbox ICC processing
Platforms: all
Isolate ICC profile processing in separate containers or processes to limit crash impact.
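The input-validation workaround above, as an added example that is not part of this advisory or the iccDEV project: a Python pre-check that rejects ICC files whose header or tag table is inconsistent before they reach iccDEV. Offsets follow the published ICC profile format (ISO 15076-1); it enforces the format's generic structural invariants, not the specific condition fixed in 2.3.1.2, which this page does not describe, and build_profile only assembles constructed test data.

```python
import struct

HEADER_LEN = 128      # fixed-size ICC profile header (ISO 15076-1)
TAG_COUNT_OFF = 128   # big-endian uint32 tag count follows the header
TAG_TABLE_OFF = 132   # tag table of 12-byte entries: signature, offset, size
TAG_ENTRY_LEN = 12
MIN_TAG_LEN = 8       # a tag element starts with a 4-byte type signature + 4 reserved bytes

def validate_icc(data: bytes) -> list[str]:
    """Return structural problems found; an empty list means the header and
    tag table are self-consistent and every tag element lies inside the file."""
    problems = []
    if len(data) < TAG_TABLE_OFF:
        return ["file shorter than ICC header plus tag count"]
    (declared,) = struct.unpack(">I", data[0:4])
    if declared != len(data):
        problems.append(f"declared size {declared} != actual size {len(data)}")
    if data[36:40] != b"acsp":
        problems.append("missing 'acsp' profile signature at offset 36")
    (count,) = struct.unpack(">I", data[TAG_COUNT_OFF:TAG_TABLE_OFF])
    if TAG_TABLE_OFF + count * TAG_ENTRY_LEN > len(data):
        return problems + [f"tag count {count} overruns the file"]
    for i in range(count):
        entry = TAG_TABLE_OFF + i * TAG_ENTRY_LEN
        sig, off, size = struct.unpack(">4sII", data[entry:entry + TAG_ENTRY_LEN])
        name = sig.decode("ascii", "replace")
        if not all(0x20 <= b < 0x7F for b in sig):
            problems.append(f"tag {i}: non-printable signature {sig!r}")
        if size < MIN_TAG_LEN:
            problems.append(f"tag {name!r}: size {size} cannot hold a type signature")
        elif off < TAG_TABLE_OFF or off + size > len(data):
            problems.append(f"tag {name!r}: data [{off}, {off + size}) lies outside the file")
    return problems

def build_profile(tags: list[tuple[bytes, bytes]]) -> bytes:
    """Assemble a minimal profile from (signature, element bytes) pairs.
    Constructed test data only, not a usable colour profile."""
    table, body = bytearray(), bytearray()
    data_start = TAG_TABLE_OFF + len(tags) * TAG_ENTRY_LEN
    for sig, element in tags:
        table += struct.pack(">4sII", sig, data_start + len(body), len(element))
        body += element + b"\0" * (-len(element) % 4)  # tag data is 4-byte aligned
    header = bytearray(HEADER_LEN)
    header[36:40] = b"acsp"
    header[0:4] = struct.pack(">I", HEADER_LEN + 4 + len(table) + len(body))
    return bytes(header) + struct.pack(">I", len(tags)) + bytes(table) + bytes(body)
```

Files that return a non-empty list should be rejected or routed to the sandboxed worker rather than parsed in-process.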

🧯 If You Can't Patch

  • Implement strict file upload controls to prevent untrusted ICC files from reaching vulnerable systems
  • Monitor application logs for crashes related to ICC profile processing and implement automated restart mechanisms

🔍 How to Verify

Check if Vulnerable:

Check whether the installed iccDEV version is below 2.3.1.2 using the version check command.

Check Version:

Run iccdev --version, or check the library version in the application's dependencies.

Verify Fix Applied:

Confirm the iccDEV version is 2.3.1.2 or higher, then test with known problematic ICC profiles.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with segmentation faults when processing ICC files
  • Error logs mentioning iccDEV signature parser failures

Network Indicators:

  • Unusual uploads of ICC profile files to affected systems

SIEM Query:

source="application_logs" AND ("segmentation fault" OR "null pointer" OR "iccdev")

🔗 References
