CVE-2026-41254 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.
Medium CVSS: 4.0

CVE-2026-41254

Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.
Vendor
-
Product
-
CWE
CWE-696
Yayın Tarihi
2026-04-18 07:16:10
Güncelleme
2026-04-18 07:16:10
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-696 MEDIUM 2026

Referanslar

https://abhinavagarwal07.github.io/posts/lcms2-cubesize-overflow/ https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0 https://github.com/mm2/Little-CMS/commit/e0641b1828d0a1af5ecb1b11fe22f24fceefd4bc https://github.com/mm2/Little-CMS/security/advisories/GHSA-4xp6-rcgg-m9qq https://www.openwall.com/lists/oss-security/2026/04/17/16