OSV-2026-600 Heap-buffer-overflow in skcms_private::baseline::clut

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504261818 Crash type: Heap-buffer-overflow READ 8 Crash state: skcmsprivate::baseline::clut skcmsprivate::baseline::execstages skcmsprivate::baseline::runprogram...

skcms/iccprofile_info: Crash in read_table_extents

Project: https://skia.googlesource.com/skcms.git Detailed report: https://oss-fuzz.com/testcase?key=5960989452271616 Project: skcms Fuzzer: libFuzzerskcmsiccprofileinfo Fuzz target binary: iccprofileinfo Job Type: libfuzzermsanskcms Platform Id: linux Crash Type: UNKNOWN READ Crash Address:...

skcms/iccprofile_transform: Index-out-of-bounds in read_mft_common

Project: https://skia.googlesource.com/skcms.git Detailed report: https://oss-fuzz.com/testcase?key=5168080767418368 Project: skcms Fuzzer: libFuzzerskcmsiccprofiletransform Fuzz target binary: iccprofiletransform Job Type: libfuzzerubsanskcms Platform Id: linux Crash Type: Index-out-of-bounds...

skcms/iccprofile_transform: Heap-buffer-overflow in read_big_u32

Project: https://skia.googlesource.com/skcms.git Detailed report: https://oss-fuzz.com/testcase?key=6076950226403328 Project: skcms Fuzzer: libFuzzerskcmsiccprofiletransform Fuzz target binary: iccprofiletransform Job Type: libfuzzerasanskcms Platform Id: linux Crash Type: Heap-buffer-overflow RE...

SKCMS the presence of arbitrary file upload vulnerability can be directly getshell-a vulnerability warning-the black bar safety net

Upload vulnerability, without background permission to upload directly, without filtering, the result file is illegal uploads! SKCMS/upload/swfupload/load. asp www.0day5.com/SKCMS/upload/swfupload/load.asp ! SKCMS/upload/filemanagerjson. asp ! !...