CVE-2026-41254

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-41254
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-41254.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-41254
Aliases
  • GHSA-4xp6-rcgg-m9qq
Downstream
Related
Published
2026-04-18T06:43:13.741Z
Modified
2026-06-20T10:59:33.444067Z
Severity
  • 4.0 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L CVSS Calculator
Summary
[none]
Details

Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.

Database specific 
{
    "cna_assigner": "mitre",
    "cwe_ids": [
        "CWE-696"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41254.json"
}
References

Affected packages

Git / github.com/mm2/little-cms

Affected ranges

Type
GIT
Repo
https://github.com/mm2/little-cms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
da6110b1d14abc394633a388209abd5ebedd7ab0
Fixed
e0641b1828d0a1af5ecb1b11fe22f24fceefd4bc
Database specific 
{
    "cpe": "cpe:2.3:a:littlecms:little_cms:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.18"
        }
    ],
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ]
}

Affected versions

2.*
2.11
2.12
lcm2.*
lcm2.16rc1
lcms2-2.*
lcms2-2.7
lcms2.*
lcms2.10
lcms2.10rc1
lcms2.12
lcms2.12rc1
lcms2.12rc2
lcms2.13
lcms2.13.1
lcms2.13rc1
lcms2.15
lcms2.15rc1
lcms2.16rc1
lcms2.17
lcms2.17rc0
lcms2.18
lcms2.18rc_1
lcms2.2
lcms2.2rc0
lcms2.2rc1
lcms2.2rc2
lcms2.3
lcms2.3rc1
lcms2.3rc2
lcms2.3rc3
lcms2.4
lcms2.4rc1
lcms2.4rc2
lcms2.5
lcms2.5rc1
lcms2.5rc2
lcms2.5rc3
lcms2.6
lcms2.6rc0
lcms2.6rc1
lcms2.6rc3
lcms2.7rc1
lcms2.7rc2
lcms2.7rc3
lcms2.8
lcms2.8rc2
lcms2.9
lcms2.9rc1

Database specific

vanir_signatures_modified 
"2026-06-20T10:59:33Z"
vanir_signatures 
[
    {
        "target": {
            "file": "src/cmslut.c",
            "function": "CubeSize"
        },
        "id": "CVE-2026-41254-0826429d",
        "deprecated": false,
        "digest": {
            "function_hash": "151103996905205333487280703804498013001",
            "length": 313.0
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/mm2/little-cms/commit/da6110b1d14abc394633a388209abd5ebedd7ab0"
    },
    {
        "target": {
            "file": "src/cmslut.c",
            "function": "CubeSize"
        },
        "id": "CVE-2026-41254-0fc03b9f",
        "deprecated": false,
        "digest": {
            "function_hash": "328600515102910444951326586914541193561",
            "length": 329.0
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/mm2/little-cms/commit/e0641b1828d0a1af5ecb1b11fe22f24fceefd4bc"
    },
    {
        "target": {
            "file": "src/cmslut.c"
        },
        "id": "CVE-2026-41254-3093fb80",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "2166842311799854057066400903572642192",
                "73880722182175798664018837267178850914",
                "92784381424835445787713103799084981739",
                "245945994391277991013205265820686163302",
                "113779849581051347427211404560983366267",
                "52582969683582016743840494390956449804"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/mm2/little-cms/commit/e0641b1828d0a1af5ecb1b11fe22f24fceefd4bc"
    },
    {
        "target": {
            "file": "src/cmslut.c"
        },
        "id": "CVE-2026-41254-9c3577e2",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "34304708872578304858411580890683999585",
                "140958089450064865783575510356199293505",
                "231579098774124449854180750500904138080",
                "52862325865801370546975363745875812216"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/mm2/little-cms/commit/da6110b1d14abc394633a388209abd5ebedd7ab0"
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-41254.json"