What is CVE-2026-42798?

CVE-2026-42798 is a security advisory published by Microsoft Security Response Center (MSRC) with Medium severity. Little CMS (lcms2) 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c.

Which CVE IDs does CVE-2026-42798 cover?

CVE-2026-42798 covers the following CVE IDs: CVE-2026-42798. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of CVE-2026-42798?

CVE-2026-42798 has a CVSS v3 base score of 4.0, published by Microsoft Security Response Center (MSRC).

CVE-2026-42798MediumCVSS 4.0

Little CMS (lcms2) 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c.

Vendor

Microsoft Security Response Center (MSRC)

Published

June 2, 2026

Last Modified

—

🔗 CVE IDs covered (1)

CVE-2026-42798 →