CVE-2026-25584 – iccDEV vulnerable to Stack-based Buffer Overflow in CIccTagFloatNum::GetValues()

CVE ID : CVE-2026-25584

Published : Feb. 4, 2026, 10:16 p.m. | 1 hour, 2 minutes ago

Description : iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a stack-buffer-overflow vulnerability in CIccTagFloatNum::GetValues(). This is triggered when processing a malformed ICC profile. The vulnerability allows an out-of-bounds write on the stack, potentially leading to memory corruption, information disclosure, or code execution when processing specially crafted ICC files. This issue has been patched in version 2.3.1.3.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2026-25584 – iccDEV vulnerable to Stack-based Buffer Overflow in CIccTagFloatNum::GetValues()

تکمیل ظرفیت سرور لهستان

سرور مناسب برای ترید و ارز دیجیتال

دیتاسنتر جدید در لهستان

سرور های جدید از اسپانیا

AMD EPYC & Ryzen از کشور انگلستان

آفر های جدید AMD EPYC و AMD Ryzen

آفر سرور اختصاصی از آمریکا

افزایش قیمت دامنه های ir از ۳۱ خرداد

افزایش قیمت جهانی دامنه .com

آفر های جدید سرور اختصاصی مرداد 1403

CVE-2019-25276 – Studio 5000 Logix Designer 30.01.00 – ‘FactoryTalk Activation Service’ Unquoted Service Path

سرور های جدید از روسیه-وارز

تخفیف ویژه دامنه .ASIA

ثبت دامنه .IO

انتقال رایگان پسوند دامنه PW

Kerio Control 9.2.4 Build 2223

نوشته های مشابه

CVE-2026-1898 – WeKan LDAP User Sync syncUser.js SyncLDAPBleed access control

CVE-2026-1896 – WeKan Migration Operation comprehensiveBoardMigration.js ComprehensiveBoardMigration MigrationBleed access control

CVE-2025-13192 – Popup builder with Gamification

CVE-2019-25288 – Wacom WTabletService 6.6.7-3 – ‘WTabletServicePro’ Unquoted Service Path