CVE-2026-42798

Published April 30th, 2026

View on NVD ↗

CVSS v3

4

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

Little CMS (lcms2) 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c.

A free, open source, CMM engine. It provides fast transforms between ICC profiles.

GitHub

719