What is CVE-2026-41254?

CVE-2026-41254 is a security advisory published by Microsoft Security Response Center (MSRC) with Medium severity. Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.

Which CVE IDs does CVE-2026-41254 cover?

CVE-2026-41254 covers the following CVE IDs: CVE-2026-41254. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of CVE-2026-41254?

CVE-2026-41254 has a CVSS v3 base score of 4.0, published by Microsoft Security Response Center (MSRC).

CVE-2026-41254MediumCVSS 4.0

Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.

Vendor

Microsoft Security Response Center (MSRC)

Published

June 2, 2026

Last Modified

—

🔗 CVE IDs covered (1)

CVE-2026-41254 →