VYPR
Unrated severityNVD Advisory· Published Jan 6, 2026· Updated Jan 6, 2026

iccDEV has Type Confusion during XML Curve Serialization

CVE-2026-21493

Description

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Type Confusion in its CIccSingleSampledeCurveXml class during XML Curve Serialization. This issue is fixed in version 2.3.1.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • iccDEV/iccDEVllm-fuzzy
    Range: <=2.3.1.1
  • InternationalColorConsortium/iccDEVv5
    Range: < 2.3.1.2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.