CVE-2026-34551

CVE-2026-34551

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a null-pointer dereference (NPD) in CIccTagLut16::Write() can be triggered when processing a crafted ICC profile (embedded in a TIFF and extracted during iccTiffDump). This issue has been patched in version 2.3.1.6.

Published Apr 1, 2026

Issue #702 PR #728 InternationalColorConsortium/iccDEV

CVSS ScoreMedium

5.5

Vulnerabilities

CVE-2026-34551

Published Apr 1, 2026

Issue #702 PR #728 InternationalColorConsortium/iccDEV

CVSS ScoreMedium

5.5

CVE-2026-34551 Security Details

CVE ID: CVE-2026-34551
CWE: CWE-476
CVE Description: iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a null-pointer dereference (NPD) in CIccTagLut16::Write() can be triggered when processing a crafted ICC profile (embedded in a TIFF and extracted during iccTiffDump). This issue has been patched in version 2.3.1.6.
Published: Apr 1, 2026
CVSS Score & Severity: 5.5Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score: 0.015%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · Issue #702PROJECT
GitHub · PR #728PROJECT
GitHub · InternationalColorConsortium/iccDEVPROJECT

CVE-2026-34551 Security Details

CVE ID: CVE-2026-34551
CWE: CWE-476
CVE Description: iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a null-pointer dereference (NPD) in CIccTagLut16::Write() can be triggered when processing a crafted ICC profile (embedded in a TIFF and extracted during iccTiffDump). This issue has been patched in version 2.3.1.6.
Published: Apr 1, 2026
CVSS Score & Severity: 5.5Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score: 0.015%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · Issue #702PROJECT
GitHub · PR #728PROJECT
GitHub · InternationalColorConsortium/iccDEVPROJECT

Find vulnerabilities. Fix fast with AI.

CVE-2026-34551

CVE-2026-34551 Security Details

CVE-2026-34551 Security Details