CVE-2026-41254

Published April 18th, 2026

View on NVD ↗

CVSS v3

4

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.

A free, open source, CMM engine. It provides fast transforms between ICC profiles.

GitHub

719