PT-2026-29385 · Iccdev · Iccdev

Xsscx · Published 2026-03-31 · Updated 2026-04-01 · CVE-2026-34536

CVSS v3.1: 6.2 Medium

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

iccDEV versions prior to 2.3.1.6

Description

iccDEV provides libraries and tools for working with ICC color management profiles. A manipulated ICC profile can trigger a stack overflow in SIccCalcOp::ArgsUsed(). The issue occurs when iccApplyProfiles processes a malicious profile, specifically during argument usage calculation for underflow/overflow checks. This issue was addressed in version 2.3.1.6.

Recommendations

Versions prior to 2.3.1.6 should be updated to version 2.3.1.6 or later.

Exploit

Fix

Uncontrolled Recursion

Weakness Enumeration

Related Identifiers

CVE-2026-34536
GHSA-CR68-XP9X-8597

Affected Products

Iccdev