Littlecms Little Cms Color Engine
2 CVEs affecting Littlecms Little Cms Color Engine. Latest disclosed: 2026-04-30. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-42798 | Medium | 4.0 | 2026-04-30 | Little CMS (lcms2) 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c. |
CVE-2026-41254 | Medium | 4.0 | 2026-04-18 | Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. |