CVE-2026-34548

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.6

Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions prior to 2.3.1.6 contain an Undefined Behavior (UB) condition in the XML conversion tooling path (iccToXml) due to an implicit conversion from a negative signed integer to icUInt32Number (unsigned 32-bit), which alters the value.

Recommendations Versions prior to 2.3.1.6 should be updated to version 2.3.1.6 or later.