iccDEV provides a set of libraries and tools for working with ICC color management profiles. In versions up to and including 2.3.1.4, heap-buffer-overflow read occurs during CIccTagTextDescription::Release() when strlen() reads past a heap buffer while parsing ICC profile XML text description tags, causing a crash. Commit 29d088840b962a7cdd35993dfabc2cb35a049847 fixes the issue. No known workarounds are available.
{
"cwe_ids": [
"CWE-125",
"CWE-170",
"CWE-787"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/27xxx/CVE-2026-27692.json",
"cna_assigner": "GitHub_M"
}{
"cpe": "cpe:2.3:a:color:iccdev:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "2.3.1.4"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
]
}[
{
"source": "https://github.com/internationalcolorconsortium/iccdev/commit/29d088840b962a7cdd35993dfabc2cb35a049847",
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"86913730250778183184181698411207361463",
"157827830395535195793933853457565147834",
"246420076283357748384691267885886715776",
"35915357383867062396998767128116270556",
"132457638667244375284904915335545233419",
"148988581106556358121837670365706274566",
"313546694652836618565471386742395745681"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2026-27692-a895c574",
"target": {
"file": "IccProfLib/IccTagBasic.cpp"
}
},
{
"source": "https://github.com/internationalcolorconsortium/iccdev/commit/29d088840b962a7cdd35993dfabc2cb35a049847",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "158420873604993912036306051544258711187",
"length": 223.0
},
"deprecated": false,
"id": "CVE-2026-27692-fec38814",
"target": {
"function": "CIccTagTextDescription::GetBuffer",
"file": "IccProfLib/IccTagBasic.cpp"
}
}
]
"2026-07-16T00:24:37Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-27692.json"