CVE-2026-34548

CVSS v3.1

6.2

Medium

AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior (UB) condition in the XML conversion tooling path (iccToXml) caused by an implicit conversion from a negative signed integer to icUInt32Number (unsigned 32-bit), which changes the value. This issue has been patched in version 2.3.1.6.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-681

Related Identifiers

CVE-2026-34548

Affected Products

Iccdev

CVE-2026-34548

Weakness Enumeration

Related Identifiers

Affected Products

References · 4