Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2026-21485
CVE-2026-21485
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are prone to have Undefined Behavior (UB) and Out of Memory errors. This issue is fixed in version 2.3.1.2.
Published Jan 7, 2026
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-chp2-4gv5-2432
CVSS Score
High
8.8
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
iccdev
2.2.120
npm
iccdev
2.2.121
npm
iccdev
2.2.122
npm
iccdev
2.2.123
npm
iccdev
2.2.124
npm
iccdev
2.2.125
npm
iccdev
2.2.126
npm
iccdev
2.2.128
npm
iccdev
2.2.129
npm
iccdev
2.2.131
npm
iccdev
2.2.132
npm
iccdev
2.2.133
npm
iccdev
2.2.134
npm
iccdev
2.2.135
npm
iccdev
2.2.136
npm
iccdev
2.2.137
npm
iccdev
2.2.138
npm
iccdev
2.2.139
npm
iccdev
2.2.140
npm
iccdev
2.2.141
npm
iccdev
2.2.142
npm
iccdev
2.2.143
npm
iccdev
2.2.144
npm
iccdev
2.2.145
npm
iccdev
2.2.146
npm
iccdev
2.2.147
npm
iccdev
2.2.148
npm
iccdev
2.2.149
npm
iccdev
2.2.150
npm
iccdev
2.2.151
npm
iccdev
2.2.152
npm
iccdev
2.2.153
npm
iccdev
2.2.154
npm
iccdev
2.2.61
npm
iccdev
2.3.1
1-35 of 35
CVE-2026-21485 | Components Impacted | Sonatype Guide | Sonatype Guide
