CVE-2026-41254
Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.
More information : https://abhinavagarwal07.github.io/posts/lcms2-cubesize-overflow/
Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.
More information : https://abhinavagarwal07.github.io/posts/lcms2-cubesize-overflow/