CVE-2026-41254
MEDIUM
NVD
CVSS Score: 4
Severity: MEDIUM
Published: Apr 18, 2026
Vendor: unknown
Description
Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.
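The ordering problem named in the description, as an added C illustration (not the lcms2 source; the function names and sample dimensions are constructed here): a 32-bit product that has already wrapped can pass a bound check that runs after the multiplication, while the same check run first rejects it.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Illustration only: hypothetical helpers, not the lcms2 CubeSize source.
   Both return the product of n dimensions, or 0 to signal an error. */

/* Bound check placed AFTER the multiplication: rv may already have
   wrapped modulo 2^32, so the comparison sees the wrapped value. */
uint32_t cube_size_check_after(const uint32_t dims[], size_t n)
{
    uint32_t rv = 1;
    for (size_t i = 0; i < n; i++) {
        uint32_t dim = dims[i];
        if (dim == 0) return 0;
        rv *= dim;                            /* can wrap silently */
        if (rv > UINT32_MAX / dim) return 0;  /* too late to notice */
    }
    return rv;
}

/* Same bound check placed BEFORE the multiplication: the product is
   only computed once it is known to fit in 32 bits. */
uint32_t cube_size_check_before(const uint32_t dims[], size_t n)
{
    uint32_t rv = 1;
    for (size_t i = 0; i < n; i++) {
        uint32_t dim = dims[i];
        if (dim == 0) return 0;
        if (rv > UINT32_MAX / dim) return 0;  /* rv * dim would overflow */
        rv *= dim;
    }
    return rv;
}

int main(void)
{
    /* Constructed input: true product is 4294967298 = 2^32 + 2. */
    const uint32_t dims[] = { 3u, 1431655766u };
    printf("check after : %u\n", (unsigned)cube_size_check_after(dims, 2));
    printf("check before: %u\n", (unsigned)cube_size_check_before(dims, 2));
    return 0;
}
```

For the constructed input the check-after version returns the wrapped value 2 as if it were a valid size, and the check-before version returns the error value 0.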
References
- https://abhinavagarwal07.github.io/posts/lcms2-cubesize-overflow/
- https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0
- https://github.com/mm2/Little-CMS/commit/e0641b1828d0a1af5ecb1b11fe22f24fceefd4bc
- https://github.com/mm2/Little-CMS/security/advisories/GHSA-4xp6-rcgg-m9qq
- https://www.openwall.com/lists/oss-security/2026/04/17/16