Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6305 vulnerabilities reference this CWE, most recent first.

CVE-2026-22693 (GCVE-0-2026-22693)

Vulnerability from cvelistv5 – Published: 2026-01-10 05:53 – Updated: 2026-01-12 16:47
VLAI
Title
Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS
Summary
HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
Impacted products
Vendor Product Version
harfbuzz harfbuzz Affected: < 12.3.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-01-12T05:10:58.184Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/01/11/1"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/01/12/1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-22693",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-12T16:46:05.339668Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-12T16:47:17.715Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "harfbuzz",
          "vendor": "harfbuzz",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 12.3.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-10T05:53:21.019Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww"
        },
        {
          "name": "https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae"
        }
      ],
      "source": {
        "advisory": "GHSA-xvjr-f2r9-c7ww",
        "discovery": "UNKNOWN"
      },
      "title": "Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-22693",
    "datePublished": "2026-01-10T05:53:21.019Z",
    "dateReserved": "2026-01-08T19:23:09.855Z",
    "dateUpdated": "2026-01-12T16:47:17.715Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21901 (GCVE-0-2026-21901)

Vulnerability from cvelistv5 – Published: 2026-07-09 21:01 – Updated: 2026-07-10 14:21
VLAI
Title
Junos OS and Junos OS Evolved: Configuration of a specific SSH option results in mgd crash
Summary
A NULL Pointer Dereference vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker setting or deactivating a specific SSH configuration parameter to create a Denial of Service (DoS). A local high-privileged user configuring or deactivating a specific 'system services ssh' configuration parameter can exploit a null pointer dereference in one of the functions used by SSH. The function attempts to dereference a null pointer when accessing certain configuration data, resulting in an mgd process crash and restart. Continued execution of these configuration commands will create a sustained Denial of Service (DoS) condition. This issue affects: Junos OS: * from 22.3 before 22.3R3-S5; * from 22.4 before 22.4R3-S10; * from 23.2 before 23.2R2-S7; * from 23.4 before 23.4R2-S8. This issue does not affect Junos OS before 22.3R1. Junos OS Evolved: * from 22.3R1-EVO before 23.2R2-S7-EVO; * from 23.4 before 23.4R2-S8-EVO. This issue does not affect Junos OS Evolved before 22.3R1-EVO.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 22.3 , < 22.3R3-S5 (custom)
Affected: 22.4 , < 22.4R3-S10 (custom)
Affected: 23.2 , < 23.2R2-S7 (custom)
Affected: 23.4 , < 23.4R2-S8 (custom)
Unaffected: 0 , < 22.3R1 (custom)
Create a notification for this product.
Juniper Networks Junos OS Evolved Affected: 23.2 , < 23.2R2-S7-EVO (custom)
Affected: 23.4 , < 23.4R2-S8-EVO (custom)
Unaffected: 0 , < 22.3R1-EVO (custom)
Create a notification for this product.
Date Public
2026-07-08 16:00
Credits
Juniper SIRT would like to acknowledge and thank Orange CERT-CC from the Orange group for responsibly reporting this vulnerability.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21901",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-10T14:21:27.704515Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-10T14:21:31.624Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-g4f7-w2rc-hpj6"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "22.3R3-S5",
              "status": "affected",
              "version": "22.3",
              "versionType": "custom"
            },
            {
              "lessThan": "22.4R3-S10",
              "status": "affected",
              "version": "22.4",
              "versionType": "custom"
            },
            {
              "lessThan": "23.2R2-S7",
              "status": "affected",
              "version": "23.2",
              "versionType": "custom"
            },
            {
              "lessThan": "23.4R2-S8",
              "status": "affected",
              "version": "23.4",
              "versionType": "custom"
            },
            {
              "lessThan": "22.3R1",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "23.2R2-S7-EVO",
              "status": "affected",
              "version": "23.2",
              "versionType": "custom"
            },
            {
              "lessThan": "23.4R2-S8-EVO",
              "status": "affected",
              "version": "23.4",
              "versionType": "custom"
            },
            {
              "lessThan": "22.3R1-EVO",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Juniper SIRT would like to acknowledge and thank Orange CERT-CC from the Orange group for responsibly reporting this vulnerability."
        }
      ],
      "datePublic": "2026-07-08T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A NULL Pointer Dereference vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker setting or deactivating a\u0026nbsp;specific SSH configuration parameter to create a Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eA local high-privileged user configuring or deactivating a specific \u0027system services ssh\u0027 configuration parameter\u0026nbsp;can exploit a null pointer dereference in one of the functions used by SSH. The function attempts to dereference a null pointer when accessing certain configuration data, resulting in an mgd process crash and restart.\u0026nbsp;Continued execution of these configuration commands will create a sustained Denial of Service (DoS) condition.\u003cbr\u003e\u003cp\u003e\u003cbr\u003eThis issue affects:\u003cbr\u003eJunos OS:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003efrom 22.3 before 22.3R3-S5;\u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S10;\u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2-S7;\u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R2-S8.\u003c/li\u003e\u003c/ul\u003e\n\nThis issue does not affect Junos OS before 22.3R1.\n\n\u003cbr\u003e\u003cbr\u003eJunos OS Evolved:\u003cbr\u003e\u003cul\u003e\u003cli\u003efrom 22.3R1-EVO before 23.2R2-S7-EVO;\u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R2-S8-EVO.\u003c/li\u003e\u003c/ul\u003eThis issue does not affect Junos OS Evolved before 22.3R1-EVO.\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "A NULL Pointer Dereference vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker setting or deactivating a\u00a0specific SSH configuration parameter to create a Denial of Service (DoS).\n\nA local high-privileged user configuring or deactivating a specific \u0027system services ssh\u0027 configuration parameter\u00a0can exploit a null pointer dereference in one of the functions used by SSH. The function attempts to dereference a null pointer when accessing certain configuration data, resulting in an mgd process crash and restart.\u00a0Continued execution of these configuration commands will create a sustained Denial of Service (DoS) condition.\n\nThis issue affects:\nJunos OS:\n\n\n  *  from 22.3 before 22.3R3-S5;\n  *  from 22.4 before 22.4R3-S10;\n  *  from 23.2 before 23.2R2-S7;\n  *  from 23.4 before 23.4R2-S8.\n\n\n\n\nThis issue does not affect Junos OS before 22.3R1.\n\n\n\nJunos OS Evolved:\n  *  from 22.3R1-EVO before 23.2R2-S7-EVO;\n  *  from 23.4 before 23.4R2-S8-EVO.\n\n\nThis issue does not affect Junos OS Evolved before 22.3R1-EVO."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "GREEN",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:A/V:D/RE:M/U:Green",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-09T21:01:31.334Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-g4f7-w2rc-hpj6"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/JSA110072"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue:\u003cbr\u003eJunos OS: 22.3R3-S5, 22.4R3-S10, 23.2R2-S7, 23.4R2-S8, 24.2R1, and all subsequent releases.\n\u003cbr\u003e\nJunos OS Evolved: 23.2R2-S7-EVO, 23.4R2-S8-EVO, 24.2R1-EVO, and all subsequent releases."
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue:\nJunos OS: 22.3R3-S5, 22.4R3-S10, 23.2R2-S7, 23.4R2-S8, 24.2R1, and all subsequent releases.\n\n\nJunos OS Evolved: 23.2R2-S7-EVO, 23.4R2-S8-EVO, 24.2R1-EVO, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA110072",
        "defect": [
          "1779319"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Junos OS and Junos OS Evolved: Configuration of a specific SSH option results in mgd crash",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThere are no direct workarounds for this issue.\u003cbr\u003e\u003cbr\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOne of the following mitigations will prevent malicious exploitation:\u003c/span\u003e\u003cbr\u003e\u003cul\u003e\u003c/ul\u003e\u003cul\u003e\u003c/ul\u003e\u003cul\u003e\u003cli\u003eUse access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.\u003c/li\u003e\u003cli\u003eUtilize command authorization to limit the ability to enter config mode to trusted administrators.\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e"
            }
          ],
          "value": "There are no direct workarounds for this issue.\n\n\n\nOne of the following mitigations will prevent malicious exploitation:\n\n\n\n\n  *  Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.\n  *  Utilize command authorization to limit the ability to enter config mode to trusted administrators."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2026-21901",
    "datePublished": "2026-07-09T21:01:31.334Z",
    "dateReserved": "2026-01-05T17:32:48.709Z",
    "dateUpdated": "2026-07-10T14:21:31.624Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21691 (GCVE-0-2026-21691)

Vulnerability from cvelistv5 – Published: 2026-01-07 21:53 – Updated: 2026-01-08 14:40
VLAI
Title
iccDEV has Type Confusion in CIccTag:IsTypeCompressed()
Summary
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `CIccTag:IsTypeCompressed()`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-20 - Improper Input Validation
  • CWE-140 - Improper Neutralization of Delimiters
  • CWE-476 - NULL Pointer Dereference
  • CWE-697 - Incorrect Comparison
  • CWE-1025 - Comparison Using Wrong Factors
Assigner
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21691",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-08T14:39:48.066498Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-08T14:40:49.437Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iccDEV",
          "vendor": "InternationalColorConsortium",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `CIccTag:IsTypeCompressed()`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-140",
              "description": "CWE-140: Improper Neutralization of Delimiters",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-697",
              "description": "CWE-697: Incorrect Comparison",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-1025",
              "description": "CWE-1025: Comparison Using Wrong Factors",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-07T21:53:02.461Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-c9q5-x498-jv92",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-c9q5-x498-jv92"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/issues/392",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/issues/392"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/pull/426",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/pull/426"
        }
      ],
      "source": {
        "advisory": "GHSA-c9q5-x498-jv92",
        "discovery": "UNKNOWN"
      },
      "title": "iccDEV has Type Confusion in CIccTag:IsTypeCompressed()"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-21691",
    "datePublished": "2026-01-07T21:53:02.461Z",
    "dateReserved": "2026-01-02T18:45:27.397Z",
    "dateUpdated": "2026-01-08T14:40:49.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21689 (GCVE-0-2026-21689)

Vulnerability from cvelistv5 – Published: 2026-01-07 21:46 – Updated: 2026-01-08 14:46
VLAI
Title
iccDEV has Type Confusion in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cpp
Summary
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `CIccProfileXml::ParseBasic()` at `IccXML/IccLibXML/IccProfileXml.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-20 - Improper Input Validation
  • CWE-190 - Integer Overflow or Wraparound
  • CWE-232 - Improper Handling of Undefined Values
  • CWE-476 - NULL Pointer Dereference
  • CWE-690 - Unchecked Return Value to NULL Pointer Dereference
  • CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21689",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-08T14:45:41.122550Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-08T14:46:02.908Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iccDEV",
          "vendor": "InternationalColorConsortium",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `CIccProfileXml::ParseBasic()` at `IccXML/IccLibXML/IccProfileXml.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190: Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-232",
              "description": "CWE-232: Improper Handling of Undefined Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-690",
              "description": "CWE-690: Unchecked Return Value to NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-07T21:46:12.392Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-5rqc-w93q-589m",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-5rqc-w93q-589m"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/issues/382",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/issues/382"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/pull/423",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/pull/423"
        }
      ],
      "source": {
        "advisory": "GHSA-5rqc-w93q-589m",
        "discovery": "UNKNOWN"
      },
      "title": "iccDEV has Type Confusion in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cpp"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-21689",
    "datePublished": "2026-01-07T21:46:12.392Z",
    "dateReserved": "2026-01-02T18:45:27.397Z",
    "dateUpdated": "2026-01-08T14:46:02.908Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21688 (GCVE-0-2026-21688)

Vulnerability from cvelistv5 – Published: 2026-01-07 21:43 – Updated: 2026-01-08 14:47
VLAI
Title
iccDEV has Type Confusion in SIccCalcOp::ArgsPushed() at IccProfLib/IccMpeCalc.cpp
Summary
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `SIccCalcOp::ArgsPushed()` at `IccProfLib/IccMpeCalc.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-20 - Improper Input Validation
  • CWE-190 - Integer Overflow or Wraparound
  • CWE-476 - NULL Pointer Dereference
  • CWE-681 - Incorrect Conversion between Numeric Types
Assigner
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21688",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-08T14:46:56.304593Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-08T14:47:10.716Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iccDEV",
          "vendor": "InternationalColorConsortium",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `SIccCalcOp::ArgsPushed()` at `IccProfLib/IccMpeCalc.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190: Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-681",
              "description": "CWE-681: Incorrect Conversion between Numeric Types",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-07T21:43:06.245Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-3r2x-j7v3-pg6f",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-3r2x-j7v3-pg6f"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/issues/379",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/issues/379"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/pull/422",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/pull/422"
        }
      ],
      "source": {
        "advisory": "GHSA-3r2x-j7v3-pg6f",
        "discovery": "UNKNOWN"
      },
      "title": "iccDEV has Type Confusion in SIccCalcOp::ArgsPushed() at IccProfLib/IccMpeCalc.cpp"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-21688",
    "datePublished": "2026-01-07T21:43:06.245Z",
    "dateReserved": "2026-01-02T18:45:27.397Z",
    "dateUpdated": "2026-01-08T14:47:10.716Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21680 (GCVE-0-2026-21680)

Vulnerability from cvelistv5 – Published: 2026-01-07 17:50 – Updated: 2026-01-07 18:09
VLAI
Title
iccDEV has Null Pointer Dereference in CIccProfile::CheckTagTypes()
Summary
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a NULL pointer dereference vulnerability. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21680",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-07T18:08:08.534617Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-07T18:09:05.595Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iccDEV",
          "vendor": "InternationalColorConsortium",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a NULL pointer dereference vulnerability. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-07T17:50:09.188Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-mgp7-w4w3-mhx4",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-mgp7-w4w3-mhx4"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/issues/322",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/issues/322"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/pull/325",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/pull/325"
        }
      ],
      "source": {
        "advisory": "GHSA-mgp7-w4w3-mhx4",
        "discovery": "UNKNOWN"
      },
      "title": "iccDEV has Null Pointer Dereference in CIccProfile::CheckTagTypes()"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-21680",
    "datePublished": "2026-01-07T17:50:09.188Z",
    "dateReserved": "2026-01-02T18:45:27.396Z",
    "dateUpdated": "2026-01-07T18:09:05.595Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21525 (GCVE-0-2026-21525)

Vulnerability from cvelistv5 – Published: 2026-02-10 17:51 – Updated: 2026-05-11 21:25
VLAI
Title
Windows Remote Access Connection Manager Denial of Service Vulnerability
Summary
Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.
SSVC
Exploitation: active Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.8868 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.8389 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 21H2 Affected: 10.0.19044.0 , < 10.0.19044.6937 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.6937 (custom)
Create a notification for this product.
Microsoft Windows 11 version 22H3 Affected: 10.0.22631.0 , < 10.0.22631.6649 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 23H2 Affected: 10.0.22631.0 , < 10.0.22631.6649 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 24H2 Affected: 10.0.26100.0 , < 10.0.26100.7840 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 25H2 Affected: 10.0.26200.0 , < 10.0.26200.7840 (custom)
Create a notification for this product.
Microsoft Windows 11 version 26H1 Affected: 10.0.28000.0 , < 10.0.28000.1575 (custom)
Create a notification for this product.
Microsoft Windows 11 Version 26H1 Affected: 10.0.28000.0 , < 10.0.28000.1575 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.25923 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.25923 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.23022 (custom)
Create a notification for this product.
Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.23022 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.8868 (custom)
Create a notification for this product.
Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.8868 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.8389 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.8389 (custom)
Create a notification for this product.
Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.4773 (custom)
Create a notification for this product.
Microsoft Windows Server 2022, 23H2 Edition (Server Core installation) Affected: 10.0.25398.0 , < 10.0.25398.2149 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 Affected: 10.0.26100.0 , < 10.0.26100.32370 (custom)
Create a notification for this product.
Microsoft Windows Server 2025 (Server Core installation) Affected: 10.0.26100.0 , < 10.0.26100.32370 (custom)
Create a notification for this product.
Date Public
2026-02-10 16:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21525",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T04:56:02.560006Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2026-02-10",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21525"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:44.691Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21525"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-02-10T00:00:00.000Z",
            "value": "CVE-2026-21525 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-03-27T20:43:53.895Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2026-21525-detection-script-dos-vulnerability-in-windows-remote-access-connection-manager"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2026-21525-mitigation-script-dos-vulnerability-in-windows-remote-access-connection-manager"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.8868",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.8389",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19044.6937",
              "status": "affected",
              "version": "10.0.19044.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19045.6937",
              "status": "affected",
              "version": "10.0.19045.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 22H3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.6649",
              "status": "affected",
              "version": "10.0.22631.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 23H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.6649",
              "status": "affected",
              "version": "10.0.22631.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 24H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.7840",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Windows 11 Version 25H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26200.7840",
              "status": "affected",
              "version": "10.0.26200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 26H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.28000.1575",
              "status": "affected",
              "version": "10.0.28000.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Windows 11 Version 26H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.28000.1575",
              "status": "affected",
              "version": "10.0.28000.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.25923",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.25923",
              "status": "affected",
              "version": "6.2.9200.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.23022",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.23022",
              "status": "affected",
              "version": "6.3.9600.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.8868",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.8868",
              "status": "affected",
              "version": "10.0.14393.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.8389",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.8389",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.4773",
              "status": "affected",
              "version": "10.0.20348.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.25398.2149",
              "status": "affected",
              "version": "10.0.25398.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.32370",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.32370",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.17763.8389",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.8389",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.8389",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.4773",
                  "versionStartIncluding": "10.0.20348.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.19044.6937",
                  "versionStartIncluding": "10.0.19044.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.19045.6937",
                  "versionStartIncluding": "10.0.19045.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.32370",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26200.7840",
                  "versionStartIncluding": "10.0.26200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.22631.6649",
                  "versionStartIncluding": "10.0.22631.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.22631.6649",
                  "versionStartIncluding": "10.0.22631.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.25398.2149",
                  "versionStartIncluding": "10.0.25398.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.26100.7840",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.32370",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.14393.8868",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.8868",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.14393.8868",
                  "versionStartIncluding": "10.0.14393.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.25923",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.2.9200.25923",
                  "versionStartIncluding": "6.2.9200.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.23022",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "6.3.9600.23022",
                  "versionStartIncluding": "6.3.9600.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.28000.1575",
                  "versionStartIncluding": "10.0.28000.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.28000.1575",
                  "versionStartIncluding": "10.0.28000.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-02-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:25:35.552Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Windows Remote Access Connection Manager Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21525"
        }
      ],
      "title": "Windows Remote Access Connection Manager Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-21525",
    "datePublished": "2026-02-10T17:51:34.755Z",
    "dateReserved": "2025-12-30T18:10:54.846Z",
    "dateUpdated": "2026-05-11T21:25:35.552Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21506 (GCVE-0-2026-21506)

Vulnerability from cvelistv5 – Published: 2026-01-07 17:10 – Updated: 2026-01-07 18:30
VLAI
Title
iccDEV is Vulnerable to Null Pointer Dereference in CIccProfileXml::ParseBasic() Leading to Denial of Service
Summary
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to Null pointer dereference in CIccProfileXml::ParseBasic(), leading to denial of service. This issue has been patched in version 2.3.1.2.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-20 - Improper Input Validation
  • CWE-476 - NULL Pointer Dereference
Assigner
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21506",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-07T18:30:17.518926Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-07T18:30:51.482Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iccDEV",
          "vendor": "InternationalColorConsortium",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to Null pointer dereference in CIccProfileXml::ParseBasic(), leading to denial of service. This issue has been patched in version 2.3.1.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-07T17:10:58.119Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-wfm7-m548-x4vp",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-wfm7-m548-x4vp"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/issues/371",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/issues/371"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/pull/418",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/pull/418"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/commit/f2ea32372ad3ebbd29147940229cb9c5548fe033",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/commit/f2ea32372ad3ebbd29147940229cb9c5548fe033"
        }
      ],
      "source": {
        "advisory": "GHSA-wfm7-m548-x4vp",
        "discovery": "UNKNOWN"
      },
      "title": "iccDEV is Vulnerable to Null Pointer Dereference in CIccProfileXml::ParseBasic() Leading to Denial of Service"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-21506",
    "datePublished": "2026-01-07T17:10:58.119Z",
    "dateReserved": "2025-12-29T14:34:16.007Z",
    "dateUpdated": "2026-01-07T18:30:51.482Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21503 (GCVE-0-2026-21503)

Vulnerability from cvelistv5 – Published: 2026-01-07 17:10 – Updated: 2026-01-07 21:53
VLAI
Title
iccDEV has Undefined Behavior - Null Pointer Passed to memcpy() in CIccTagSparseMatrixArray
Summary
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to a null pointer passed to memcpy() in CIccTagSparseMatrixArray. This issue has been patched in version 2.3.1.2.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-20 - Improper Input Validation
  • CWE-131 - Incorrect Calculation of Buffer Size
  • CWE-476 - NULL Pointer Dereference
  • CWE-628 - Function Call with Incorrectly Specified Arguments
Assigner
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21503",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-07T21:53:29.495355Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-07T21:53:35.787Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iccDEV",
          "vendor": "InternationalColorConsortium",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to a null pointer passed to memcpy() in CIccTagSparseMatrixArray. This issue has been patched in version 2.3.1.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131: Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-628",
              "description": "CWE-628: Function Call with Incorrectly Specified Arguments",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-07T17:10:44.174Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-h554-qrfh-53gx",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-h554-qrfh-53gx"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/issues/367",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/issues/367"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/pull/417",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/pull/417"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/commit/55259a6395c4f6124b5d0e38469c77412926bd3d",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/commit/55259a6395c4f6124b5d0e38469c77412926bd3d"
        }
      ],
      "source": {
        "advisory": "GHSA-h554-qrfh-53gx",
        "discovery": "UNKNOWN"
      },
      "title": "iccDEV has Undefined Behavior - Null Pointer Passed to memcpy() in CIccTagSparseMatrixArray"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-21503",
    "datePublished": "2026-01-07T17:10:44.174Z",
    "dateReserved": "2025-12-29T14:34:16.007Z",
    "dateUpdated": "2026-01-07T21:53:35.787Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-21502 (GCVE-0-2026-21502)

Vulnerability from cvelistv5 – Published: 2026-01-07 17:09 – Updated: 2026-01-07 18:21
VLAI
Title
NULL Pointer Dereference in iccDEV XML Tag Parser
Summary
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML tag parser. This issue has been patched in version 2.3.1.2.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-20 - Improper Input Validation
  • CWE-252 - Unchecked Return Value
  • CWE-476 - NULL Pointer Dereference
  • CWE-690 - Unchecked Return Value to NULL Pointer Dereference
Assigner
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21502",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-07T18:15:38.756825Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-07T18:21:53.693Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iccDEV",
          "vendor": "InternationalColorConsortium",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.3.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML tag parser. This issue has been patched in version 2.3.1.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-252",
              "description": "CWE-252: Unchecked Return Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-690",
              "description": "CWE-690: Unchecked Return Value to NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-07T17:09:45.884Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-67r8-q3mh-42j6",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-67r8-q3mh-42j6"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/issues/368",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/issues/368"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/pull/407",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/pull/407"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/commit/d04c236775e89a029f93efcc242fdb1fbc245a1c",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/commit/d04c236775e89a029f93efcc242fdb1fbc245a1c"
        },
        {
          "name": "https://github.com/InternationalColorConsortium/iccDEV/commit/d9e42a1fb2606e25e498eb94f34f6da89f522e35",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/InternationalColorConsortium/iccDEV/commit/d9e42a1fb2606e25e498eb94f34f6da89f522e35"
        }
      ],
      "source": {
        "advisory": "GHSA-67r8-q3mh-42j6",
        "discovery": "UNKNOWN"
      },
      "title": "NULL Pointer Dereference in iccDEV XML Tag Parser"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-21502",
    "datePublished": "2026-01-07T17:09:45.884Z",
    "dateReserved": "2025-12-29T14:34:16.007Z",
    "dateUpdated": "2026-01-07T18:21:53.693Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.