CVE-2026-21674

3.3 LOW

📋 TL;DR

CVE-2026-21674 is a memory leak vulnerability in iccDEV's XML parsing functionality (iccFromXml) that allows an attacker to cause gradual memory exhaustion by having the vulnerable component repeatedly process crafted XML files. It affects users of the iccDEV libraries and tools for ICC color management profiles. The vulnerability can lead to denial of service through resource exhaustion.

💻 Affected Systems

Products:
  • iccDEV libraries and tools
Versions: 2.3.1 and below
Operating Systems: All operating systems where iccDEV is installed
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability triggers when XML files are processed through the iccFromXml function. Any application that uses the iccDEV libraries to parse XML representations of ICC profiles is affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Sustained exploitation could lead to complete system memory exhaustion, causing application crashes or system instability that requires a reboot.

🟠 Likely Case: Gradual memory consumption leading to degraded application performance and eventual application crashes.

🟢 If Mitigated: Minimal impact with proper monitoring and resource limits in place, though memory usage would still be inefficient.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires the ability to supply XML input to the vulnerable parsing function. No authentication bypass is needed if the application accepts XML input from the attacker.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.3.1.1

Vendor Advisory: https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-xww6-v3vg-4qc7

Restart Required: Yes

Instructions:

1. Download iccDEV version 2.3.1.1 from the official repository.
2. Replace the existing iccDEV installation with the patched version.
3. Restart any applications using the iccDEV libraries.

🔧 Temporary Workarounds

Disable XML parsing (applies to: all platforms)

Temporarily disable XML parsing functionality if it is not required:

# Configure applications to avoid using the iccFromXml function
# Use alternative ICC profile loading methods

Input validation (applies to: all platforms)

Implement strict validation of XML input before processing:

# Add XML schema validation before passing XML to iccDEV
# Limit XML file size and complexity
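The "limit XML file size and complexity" workaround above can be enforced as a pre-parse guard in whatever code hands XML to iccDEV. The following is an added example, not iccDEV code and not from the advisory: it streams the document once, counts elements and nesting depth, refuses DTD/entity declarations, and returns a verdict before the bytes ever reach iccFromXml. The limits, the rejection reasons and the sample XML (the element names are constructed, not iccDEV's real schema) are all assumptions chosen for the example.

```python
"""Pre-parse guard for XML destined for an ICC XML importer.

Added example (not iccDEV code). Assumption: the calling application has the
raw XML bytes and can run this check before invoking iccFromXml. The limits
below are illustrative, not values recommended by the vendor.
"""
import xml.etree.ElementTree as ET
from io import BytesIO

MAX_BYTES = 4 * 1024 * 1024     # 4 MiB upper bound on the whole document
MAX_DEPTH = 32                  # maximum element nesting depth
MAX_ELEMENTS = 50_000           # maximum total element count


class XmlRejected(ValueError):
    """Raised when the input violates one of the configured limits."""


def check_icc_xml(data: bytes, max_bytes: int = MAX_BYTES, max_depth: int = MAX_DEPTH,
                  max_elements: int = MAX_ELEMENTS) -> dict:
    """Stream-parse `data` once and return {'depth': d, 'elements': n}.

    Raises XmlRejected on oversized input, DTD/entity declarations, excessive
    depth or element count, or malformed XML. Nothing is retained in memory
    beyond the current element, so the guard itself stays flat.
    """
    if len(data) > max_bytes:
        raise XmlRejected(f"input is {len(data)} bytes, limit is {max_bytes}")
    # Entity and DTD machinery is not needed for profile XML; refuse it outright.
    if b"<!DOCTYPE" in data or b"<!ENTITY" in data:
        raise XmlRejected("DTD/entity declarations are not accepted")

    depth = max_depth_seen = count = 0
    try:
        for event, elem in ET.iterparse(BytesIO(data), events=("start", "end")):
            if event == "start":
                depth += 1
                count += 1
                max_depth_seen = max(max_depth_seen, depth)
                if depth > max_depth:
                    raise XmlRejected(f"nesting depth exceeds {max_depth}")
                if count > max_elements:
                    raise XmlRejected(f"element count exceeds {max_elements}")
            else:
                depth -= 1
                elem.clear()          # drop the subtree so the guard does not grow
    except ET.ParseError as exc:
        raise XmlRejected(f"malformed XML: {exc}") from exc
    return {"depth": max_depth_seen, "elements": count}


def verdict(data: bytes) -> tuple:
    """Convenience wrapper: (accepted: bool, reason_or_stats)."""
    try:
        return True, check_icc_xml(data)
    except XmlRejected as exc:
        return False, str(exc)


# Constructed sample inputs (element names are illustrative only).
GOOD_XML = (b'<?xml version="1.0"?>'
            b'<Profile><Header><Version>4.30</Version></Header><Tags/></Profile>')


def deep_xml(depth: int) -> bytes:
    """Build a document nested `depth` levels deep (constructed test input)."""
    return b"<a>" * depth + b"</a>" * depth


if __name__ == "__main__":
    print(verdict(GOOD_XML))        # accepted, with depth/element stats
    print(verdict(deep_xml(40)))    # rejected: nesting depth exceeds 32
    print(verdict(b"<!DOCTYPE x [<!ENTITY e 'x'>]><a>&e;</a>"))  # rejected
```

Run the guard on every XML document before it is passed to iccFromXml; a rejection is logged and the document is never parsed by the vulnerable code. Because the guard streams with `iterparse` and clears each element as it closes, it does not itself become a second memory sink on large input.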

🧯 If You Can't Patch

  • Implement memory usage monitoring and alerts for applications using iccDEV
  • Restrict XML input sources to trusted origins only

🔍 How to Verify

Check if Vulnerable:

Check the iccDEV version: if the version is 2.3.1 or below and the application uses the iccFromXml function, the system is vulnerable.

Check Version:

iccdev --version or check library version in application dependencies

Verify Fix Applied:

Verify that the iccDEV version is 2.3.1.1 or higher and test the XML parsing functionality for memory stability under repeated input.

📡 Detection & Monitoring

Log Indicators:

  • Unusual memory consumption patterns in application logs
  • Application crashes with out-of-memory errors

Network Indicators:

  • Repeated XML file uploads to vulnerable endpoints

SIEM Query:

source="application_logs" AND ("out of memory" OR "memory leak" OR "iccFromXml")
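The log indicators listed above (a steadily climbing memory footprint, followed by out-of-memory crashes) can be checked outside a SIEM as well. The following added example, not from the advisory, parses constructed process-monitor log lines in a hypothetical `pid=… proc=… rss_kb=…` format, flags any process whose resident size grows monotonically across a window of samples by more than a threshold, and separately picks out OOM crash lines. The log format, field names, thresholds and sample values are all assumptions made for the example.

```python
"""Memory-growth and OOM detector over constructed log lines.

Added example (not from the advisory). Assumed log format (hypothetical):
    <timestamp> pid=<n> proc=<name> rss_kb=<n> [free text]
Crash lines are any lines matching common out-of-memory phrases.
"""
import re
from collections import defaultdict

SAMPLE_RE = re.compile(r'^(?P<ts>\S+) pid=(?P<pid>\d+) proc=(?P<proc>\S+) rss_kb=(?P<rss>\d+)')
OOM_RE = re.compile(r'out of memory|std::bad_alloc|Killed process', re.IGNORECASE)


def parse_rss_samples(lines):
    """Group rss_kb samples per (pid, proc) in log order; non-matching lines are skipped."""
    samples = defaultdict(list)
    for line in lines:
        m = SAMPLE_RE.match(line)
        if m:
            samples[(int(m["pid"]), m["proc"])].append(int(m["rss"]))
    return samples


def find_leaking(samples, window: int = 4, min_growth_kb: int = 20_000):
    """Return [((pid, proc), rss_start, rss_end)] for processes whose RSS rises
    strictly monotonically across `window` consecutive samples by at least
    `min_growth_kb`. A flat or noisy series is not flagged."""
    flagged = []
    for key, rss in samples.items():
        for i in range(len(rss) - window + 1):
            w = rss[i:i + window]
            if all(b > a for a, b in zip(w, w[1:])) and w[-1] - w[0] >= min_growth_kb:
                flagged.append((key, w[0], w[-1]))
                break                       # one alert per process is enough
    return flagged


def find_oom(lines):
    """Return the log lines that look like out-of-memory crashes."""
    return [line for line in lines if OOM_RE.search(line)]


# Constructed sample log: one importer process leaking, one unrelated flat process,
# then an OOM crash line. Values are invented for the example.
SAMPLE_LOG = [
    "2026-01-10T12:00:00Z pid=4242 proc=icc-import rss_kb=51200 job=a.xml",
    "2026-01-10T12:00:00Z pid=4300 proc=webserver rss_kb=30000",
    "2026-01-10T12:01:00Z pid=4242 proc=icc-import rss_kb=62000 job=b.xml",
    "2026-01-10T12:01:00Z pid=4300 proc=webserver rss_kb=30500",
    "2026-01-10T12:02:00Z pid=4242 proc=icc-import rss_kb=74000 job=c.xml",
    "2026-01-10T12:02:00Z pid=4300 proc=webserver rss_kb=29800",
    "2026-01-10T12:03:00Z pid=4242 proc=icc-import rss_kb=88000 job=d.xml",
    "2026-01-10T12:03:00Z pid=4300 proc=webserver rss_kb=30100",
    "2026-01-10T12:04:00Z pid=4242 proc=icc-import rss_kb=101000 job=e.xml",
    "2026-01-10T12:05:00Z pid=4242 proc=icc-import iccFromXml: std::bad_alloc (out of memory)",
]


if __name__ == "__main__":
    leaks = find_leaking(parse_rss_samples(SAMPLE_LOG))
    for (pid, proc), start, end in leaks:
        print(f"ALERT {proc} pid={pid}: RSS grew from {start} kB to {end} kB without falling back")
    for line in find_oom(SAMPLE_LOG):
        print("CRASH", line)
```

The monotonic-growth test is deliberately simple: a process whose memory rises and then returns to baseline (normal allocation during a job) is not flagged, while one that only ever climbs across repeated XML imports is. Tune `window` and `min_growth_kb` to the sampling interval and the normal working set of the application.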
