Gnupg CVEs & Vulnerabilities
2 CVEs affecting Gnupg products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
libgcrypt 2
CVE-2026-41990MEDIUM
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data.
23 Apr 2026
4.0
CVSS
CVE-2026-41989MEDIUM
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.
23 Apr 2026
6.7
CVSS
← PrevPage 1 / 1Next →