CVE-2026-34533

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.6

Description iccDEV provides libraries and tools for working with ICC color management profiles. Before version 2.3.1.6, a manipulated ICC profile can trigger Undefined Behavior (UB) in the CIccCalculatorFunc::ApplySequence() function due to invalid enum values being loaded for icChannelFuncSignature. This results in a type/enum value confusion scenario during ICC profile processing.

Recommendations Versions prior to 2.3.1.6 should be updated to version 2.3.1.6 or later.