Updated lcms2 packages fix security vulnerability

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. CVE-2026-41254...

SUSE-SU-2026:22070-1 Security update for lcms2

This update for lcms2 fixes the following issues - CVE-2026-41254: integer overflow in CubeSize in cmslut.c bsc1264994. - CVE-2026-42798: integer overflow in ParseCube in cmscgats.c bsc1263703...

[SECURITY] [DSA 6262-1] lcms2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6262-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 10, 2026 https://www.debian.org/security/faq -...

CVE-2026-41254 affecting package lcms2 for versions less than 2.15-2

CVE-2026-41254 affecting package lcms2 for versions less than 2.15-2. A patched version of the package is available...

[SECURITY] [DLA 4568-1] lcms2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4568-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 06, 2026 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

UBUNTU-CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

FreeBSD : lcms2 -- Integer overflow (ca62e49c-4150-11f1-95f7-00a098b42aeb)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ca62e49c-4150-11f1-95f7-00a098b42aeb advisory. https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0 reports: Little CMS...

ROOT-OS-DEBIAN-13-CVE-2026-41254 CVE-2026-41254 in rootio-lcms2 - Patched by Root

Root has patched CVE-2026-41254 in the rootio-lcms2 package for Root:Debian:13. Multiple fixed versions available...

UBUNTU-CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

Medium: lcms2

Issue Overview: A heap buffer overflow vulnerability has been identified in thesmooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color...

Amazon Linux 2 : lcms2, --advisory ALAS2-2026-3192 (ALAS-2026-3192)

The version of lcms2 installed on the remote host is prior to 2.6-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3192 advisory. A heap buffer overflow vulnerability has been identified in thesmooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to...

Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-053 (ALASFIREFOX-2026-053)

The version of firefox installed on the remote host is prior to 140.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-053 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. Th...

Slackware Linux 15.0 / current lcms2 Vulnerability (SSA:2026-009-01)

The version of lcms2 installed on the remote host is prior to 2.18. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-009-01 advisory. New lcms2 packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding descriptio...

Slackware: Security Advisory (SSA:2026-009-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] lcms2

New lcms2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/lcms2-2.18-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Fix for 469 heap buffer overflow on convertutf16toutf32...

EUVD-2025-9494

Malicious code in bioql PyPI...

EUVD-2025-9489

Malicious code in bioql PyPI...

ROOT-OS-DEBIAN-12-CVE-2025-29070 CVE-2025-29070 in rootio-lcms2 - Patched by Root

Root has patched CVE-2025-29070 in the rootio-lcms2 package for Root:Debian:12. Multiple fixed versions available...

CVE-2025-29070

A heap buffer overflow vulnerability has been identified in thesmooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color management, is there...