{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T23:04:02.976","vulnerabilities":[{"cve":{"id":"CVE-2026-21493","sourceIdentifier":"security-advisories@github.com","published":"2026-01-06T15:15:44.983","lastModified":"2026-01-14T18:46:59.953","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Type Confusion in its CIccSingleSampledeCurveXml class during XML Curve Serialization. This issue is fixed in version 2.3.1.2."},{"lang":"es","value":"iccDEV proporciona un conjunto de bibliotecas y herramientas para trabajar con perfiles de gestión de color ICC. Las versiones 2.3.1.1 e inferiores son vulnerables a una confusión de tipos en su clase CIccSingleSampledeCurveXml durante la serialización de curvas XML. Este problema está solucionado en la versión 2.3.1.2."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-188"},{"lang":"en","value":"CWE-703"},{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:color:iccdev:*:*:*:*:*:*:*:*","versionEndExcluding":"2.3.1.2","matchCriteriaId":"D34CF745-E75A-4F1C-AD7B-9AC1A2E9F680"}]}]}],"references":[{"url":"https://github.com/InternationalColorConsortium/iccDEV/commit/7ff76d1471077172f9659de8d9536443eac7c48f","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/InternationalColorConsortium/iccDEV/issues/358","source":"security-advisories@github.com","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-p85g-f9q7-jmjx","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}}]}