How severe is CVE-2026-21493?

CVE-2026-21493 has a CVSS v3 score of 6.6 (MEDIUM).

CVE-2026-21493

Name: iccdev
Author: color

6.6MEDIUM

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Type Confusion in its CIccSingleSampledeCurveXml class during

Publicado: 1/6/2026Actualizado: 1/14/2026

Descripción

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Type Confusion in its CIccSingleSampledeCurveXml class during XML Curve Serialization. This issue is fixed in version 2.3.1.2.

Análisis IAImpulsado por IA

Productos Afectados

coloriccdev

Referencias

https://github.com/InternationalColorConsortium/iccDEV/commit/7ff76d1471077172f9659de8d9536443eac7c48f
Patch
https://github.com/InternationalColorConsortium/iccDEV/issues/358
ExploitIssue TrackingVendor Advisory
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-p85g-f9q7-jmjx
PatchVendor Advisory