diff --git a/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_1.patch b/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_1.patch
deleted file mode 100644
index 2ed8e9f587..0000000000
--- a/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_1.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From c83cfcd249d06950a307cee8d1e22b7f6a78a8a7 Mon Sep 17 00:00:00 2001
-From: Marti Maria <marti.maria@littlecms.com>
-Date: Thu, 19 Feb 2026 09:07:20 +0100
-Subject: [PATCH] Fix integer overflow in CubeSize()
-
-Thanks to @zerojackyi for reporting
-
-CVE: CVE-2026-41254
-Upstream-Status: Backport [https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0]
-Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
----
- src/cmslut.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/cmslut.c b/src/cmslut.c
-index 1089148..b245209 100644
---- a/src/cmslut.c
-+++ b/src/cmslut.c
-@@ -460,7 +460,8 @@ void EvaluateCLUTfloatIn16(const cmsFloat32Number In[], cmsFloat32Number Out[],
- static
- cmsUInt32Number CubeSize(const cmsUInt32Number Dims[], cmsUInt32Number b)
- {
--    cmsUInt32Number rv, dim;
-+    cmsUInt32Number dim;
-+    cmsUInt64Number rv;
- 
-     _cmsAssert(Dims != NULL);
- 
diff --git a/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_2.patch b/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_2.patch
deleted file mode 100644
index be8c759a6f..0000000000
--- a/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_2.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From f5994aea02d5620f3182cafdcf116ffe9d6c9fd2 Mon Sep 17 00:00:00 2001
-From: Marti Maria <marti.maria@littlecms.com>
-Date: Thu, 12 Mar 2026 22:57:35 +0100
-Subject: [PATCH] check for overflow
-
-Thanks to Guanni Qu for detecting & reporting the issue
-
-CVE: CVE-2026-41254
-Upstream-Status: Backport [https://github.com/mm2/Little-CMS/commit/e0641b1828d0a1af5ecb1b11fe22f24fceefd4bc]
-Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
----
- src/cmslut.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/cmslut.c b/src/cmslut.c
-index b245209..c1dbb32 100644
---- a/src/cmslut.c
-+++ b/src/cmslut.c
-@@ -468,12 +468,12 @@ cmsUInt32Number CubeSize(const cmsUInt32Number Dims[], cmsUInt32Number b)
-     for (rv = 1; b > 0; b--) {
- 
-         dim = Dims[b-1];
--        if (dim <= 1) return 0;  // Error
--
--        rv *= dim;
-+        if (dim <= 1) return 0;  
- 
-         // Check for overflow
-         if (rv > UINT_MAX / dim) return 0;
-+
-+        rv *= dim;
-     }
- 
-     // Again, prevent overflow
diff --git a/meta-oe/recipes-support/lcms/lcms_2.18.bb b/meta-oe/recipes-support/lcms/lcms_2.19.bb
similarity index 60%
rename from meta-oe/recipes-support/lcms/lcms_2.18.bb
rename to meta-oe/recipes-support/lcms/lcms_2.19.bb
index 1ff3b3908f..fa33678b18 100644
--- a/meta-oe/recipes-support/lcms/lcms_2.18.bb
+++ b/meta-oe/recipes-support/lcms/lcms_2.19.bb
@@ -3,11 +3,8 @@ SECTION = "libs"
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=e9ce323c4b71c943a785db90142b228a"
 
-SRC_URI = "${SOURCEFORGE_MIRROR}/lcms/lcms2-${PV}.tar.gz \
-           file://CVE-2026-41254_1.patch \
-           file://CVE-2026-41254_2.patch \
-           "
-SRC_URI[sha256sum] = "ee67be3566f459362c1ee094fde2c159d33fa0390aa4ed5f5af676f9e5004347"
+SRC_URI = "${SOURCEFORGE_MIRROR}/lcms/lcms2-${PV}.tar.gz"
+SRC_URI[sha256sum] = "49e7e134e4299733dd0eda434fa468997a28ab3d33fa397c642b03644f552216"
 
 DEPENDS = "tiff"