Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
iccDEV: Uncontrolled Memory Growth Crashes Color Management Software
CVE-2026-30979
Summary
A security issue in older versions of iccDEV can cause color management software to crash when a user interacts with it. This happens because the software doesn't properly handle certain data, leading to a memory crash. Update to the latest version (2.3.1.5 or higher) to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| color | iccdev | <= 2.3.1.5 | – |
Original title
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow in CIccCalculatorFunc::InitSelectOp() triggered ...
Original description
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow in CIccCalculatorFunc::InitSelectOp() triggered with local user interaction causing memory corruption/crash. This vulnerability is fixed in 2.3.1.5.
nvd CVSS3.1
7.8
Vulnerability type
CWE-120
Classic Buffer Overflow
CWE-122
Heap-based Buffer Overflow
CWE-787
Out-of-bounds Write
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026