CVE-2026-27691

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.5

Description iccDEV is a set of libraries and tools for working with ICC color management profiles. A signed integer overflow in the iccFromCube.cpp file during multiplication can lead to undefined behavior, potentially causing crashes or incorrect ICC profile generation when processing specially crafted or large cube inputs. The issue is addressed by commit 43ae18dd69fc70190d3632a18a3af2f3da1e052a.

Recommendations Update to a version later than 2.3.1.4.