PT-2026-41700 — Julia Littlecms Jll

PT-2026-41700 · Julia · Littlecms Jll

Published

2026-05-08

Updated

2026-05-08

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

JLSEC-2026-490

Affected Products

Littlecms Jll