CVE-2026-31792

High

Published: 10 March 2026

Published

10 March 2026

Modified

13 March 2026

KEV Added

—

Patch

—

CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score 0.0002 4.0th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-31792 is a high-severity NULL Pointer Dereference (CWE-476) vulnerability in Color Iccdev. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked at the 4.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Malicious File (T1204.002) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

preventrecover

Directly requires timely identification, reporting, and correction of the null pointer dereference flaw in iccDEV versions prior to 2.3.1.5 to prevent exploitation and enable recovery.

RA-5 Vulnerability Monitoring and Scanning good match

detect

Vulnerability monitoring and scanning identifies the presence of vulnerable iccDEV libraries and tools affected by CVE-2026-31792.

SI-11 Error Handling partial match

prevent

Proper error handling mitigates the segmentation fault from null pointer dereference in CIccTagXmlStruct::ParseTag() when processing malformed ICC profiles.

MITRE ATT&CK Enterprise TechniquesAI

T1204.002 Malicious File Execution

An adversary may rely upon a user opening a malicious file in order to gain execution.

attack.mitre.org →

T1499.004 Application or System Exploitation Impact

Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

attack.mitre.org →

Why these techniques?

Malicious ICC profile file requires user interaction to trigger (T1204.002); null dereference enables application/system crash for DoS (T1499.004).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a null pointer dereference in CIccTagXmlStruct::ParseTag() causing a segmentation fault or denial of service. This vulnerability is fixed in 2.3.1.5.

Deeper analysisAI

CVE-2026-31792, published on 2026-03-10, is a null pointer dereference vulnerability (CWE-476) in iccDEV, a set of libraries and tools for working with ICC color management profiles. Versions prior to 2.3.1.5 are affected, with the flaw located in the CIccTagXmlStruct::ParseTag() function. Triggering the vulnerability causes a segmentation fault or denial of service, earning a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

A local attacker can exploit this vulnerability by tricking a user into processing a specially crafted ICC color profile using an affected iccDEV tool or library integration. No privileges are required, though the attack demands low complexity and user interaction, such as opening a malicious file. Successful exploitation leads to high-impact disruption, including application crashes, denial of service, and potential compromise of confidentiality, integrity, and availability.

The vulnerability is addressed in iccDEV version 2.3.1.5. Mitigation involves updating to this patched release. Official details are available in the GitHub security advisory (GHSA-j3mh-rjg5-8gw7), issue #633, pull request #639, and release tag v2.3.1.5.

Details

CWE(s): CWE-476

Affected Products

color

iccdev

≤ 2.3.1.5

CVEs Like This One

CVE-2026-21680Same product: Color Iccdev

CVE-2026-21684Same product: Color Iccdev

CVE-2026-21491Same product: Color Iccdev

CVE-2026-21500Same product: Color Iccdev

CVE-2026-21681Same product: Color Iccdev

CVE-2026-21686Same product: Color Iccdev

CVE-2026-21685Same product: Color Iccdev

CVE-2026-25503Same product: Color Iccdev

CVE-2026-27692Same product: Color Iccdev

CVE-2026-24852Same product: Color Iccdev

References

https://github.com/InternationalColorConsortium/iccDEV/issues/633
Issue Tracking · security-advisories@github.com
https://github.com/InternationalColorConsortium/iccDEV/pull/639
Issue Tracking, Patch · security-advisories@github.com
https://github.com/InternationalColorConsortium/iccDEV/releases/tag/v2.3.1.5
Product · security-advisories@github.com
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-j3mh-rjg5-8gw7
Patch, Vendor Advisory · security-advisories@github.com