{"id":"CVE-2026-41254","details":"Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.","aliases":["GHSA-4xp6-rcgg-m9qq"],"modified":"2026-07-15T01:49:13.821322896Z","published":"2026-04-18T06:43:13.741Z","related":["SUSE-SU-2026:22070-1","SUSE-SU-2026:22506-1","openSUSE-SU-2026:21202-1"],"database_specific":{"cwe_ids":["CWE-696"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41254.json","cna_assigner":"mitre"},"references":[{"type":"WEB","url":"https://abhinavagarwal07.github.io/posts/lcms2-cubesize-overflow/"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2026/05/msg00014.html"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/04/17/16"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41254.json"},{"type":"ADVISORY","url":"https://github.com/mm2/Little-CMS/security/advisories/GHSA-4xp6-rcgg-m9qq"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41254"},{"type":"FIX","url":"https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0"},{"type":"FIX","url":"https://github.com/mm2/Little-CMS/commit/e0641b1828d0a1af5ecb1b11fe22f24fceefd4bc"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mm2/little-cms","events":[{"introduced":"0"},{"fixed":"da6110b1d14abc394633a388209abd5ebedd7ab0"},{"fixed":"e0641b1828d0a1af5ecb1b11fe22f24fceefd4bc"}],"database_specific":{"source":["CPE_RANGE","REFERENCES"],"cpe":"cpe:2.3:a:littlecms:little_cms:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"2.18"}]}}],"versions":["lcms2.18","lcms2.18rc_1","lcms2.17","lcms2.17rc0","lcms2.16rc1","lcm2.16rc1","lcms2.15","lcms2.15rc1","lcms2.13.1","lcms2.13","lcms2.13rc1","lcms2.12","2.12","lcms2.12rc2","lcms2.12rc1","2.11","lcms2.10","lcms2.10rc1","lcms2.9","lcms2.9rc1","lcms2.8","lcms2.8rc2","lcms2.7rc3","lcms2-2.7","lcms2.7rc2","lcms2.7rc1","lcms2.6","lcms2.6rc3","lcms2.6rc1","lcms2.6rc0","lcms2.5","lcms2.5rc3","lcms2.5rc2","lcms2.5rc1","lcms2.4","lcms2.4rc2","lcms2.4rc1","lcms2.3","lcms2.3rc3","lcms2.3rc2","lcms2.3rc1","lcms2.2","lcms2.2rc2","lcms2.2rc1","lcms2.2rc0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-41254.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}]}