CVE-2026-22047 | InternationalColorConsortium iccDEV up to 2.3.1.1 ICC Color Profile IccMpeCalc.cpp SIccCalcOp::Describe heap-based overflow (ID 454 / EUVD-2026-1382)
A vulnerability identified as critical has been detected in InternationalColorConsortium iccDEV up to 2.3.1.1. This vulnerability affects the function SIccCalcOp::Describe in the library IccProfLib/IccMpeCalc.cpp of the component ICC Color Profile Handler. The manipulation leads to heap-based buffer overflow.
This vulnerability is listed as CVE-2026-22047. The attack may be initiated remotely. There is no available exploit.
You should upgrade the affected component.