CVE-2026-4407

Vulnerability Description

Out-of-bounds array write in Xpdf 4.06 and earlier, due to incorrect validation of the "N" field in ICCBased color spaces.

Related Weaknesses (CWE)

CWE-20 CWE-787

References

https://www.xpdfreader.com/security-bug/CVE-2026-4407.html

FAQ

What is CVE-2026-4407?

CVE-2026-4407 is a documented vulnerability. Out-of-bounds array write in Xpdf 4.06 and earlier, due to incorrect validation of the "N" field in ICCBased color spaces.

How severe is CVE-2026-4407?

CVSS scoring is not yet available for CVE-2026-4407. Check NVD for updates.

Is there a patch for CVE-2026-4407?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.