Ubuntu: Security Advisory (USN-7978-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ALSA-2026:1377 Moderate: image-builder security update

A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS scor...

GNUPG security vulnerabilities

GNU Privacy Guard is a set of open-source encryption software from the GNU community in the United States, licensed under the GNU General Public License. This software supports algorithms such as public key encryption, symmetric encryption, and hashing. Versions of GnuPG prior to 2.5.17 contained...

GNUPG code-related vulnerabilities

GNU Public Key Exchange GNUPG is a set of open-source encryption software from the GNU community in the United States, licensed under the GNU General Public License. This software supports algorithms such as public keys, symmetric encryption, and hashing. Versions of GnuPG prior to 2.5.17 had cod...

ALSA-2026:1381 Moderate: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes: golang:...

Linux Distros Unpatched Vulnerability : CVE-2026-24882

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...

Scan discovered multiple CVEs against glibc

Binary scan of Brocade Fabric OS identified multiple potential CVEs against glibc CVE-2020-6096 An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negativ...

PT-2026-5009

Name of the Vulnerable Software and Affected Versions GnuPG versions prior to 2.5.17 Description A specially crafted CMS S/MIME EnvelopedData message with an oversized wrapped session key can lead to a stack-based buffer overflow within the gpg-agent component during PKDECRYPT--kem=CMS processing...

GNU Privacy Guard 2.5.17

GnuPG the GNU Privacy Guard or GPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As suc...

GNUPG security vulnerabilities

GNU Privacy Guard is an open-source encryption software developed by the GNU community in the United States. It is licensed under the GNU General Public License. This software supports algorithms such as public key encryption, symmetric encryption, and hashing. Prior to version 2.5.17, GnuPG had...

CVE-2025-9820

A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the applicatio...

Exploit for CVE-2026-24061

CVE-2026-24061 Vulnerability Detection and Exploitation Tool...

Exploit for CVE-2026-24061

CVE-2026-24061 Vulnerability Detection and Exploitation Tool...

Exploit for CVE-2026-24061

CVE-2026-24061 Vulnerability Detection and Exploitation Tool...

Alibaba Cloud Linux 3 : 0013: gnupg2 (ALINUX3-SA-2026:0013)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0013 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-68973: In GnuPG before 2.4.9, armorfilter ...

RHEL 9 : gnupg2 (RHSA-2026:1229)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1229 advisory. The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Securi...

GNU InetUtils Argument Injection Vulnerability

GNU InetUtils contains an argument injection vulnerability in telnetd that could allow for remote authentication bypass via a "-f root" value for the USER environment variable...

RHEL 9 : gnupg2 (RHSA-2026:1230)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1230 advisory. The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Securi...

GIMP: Arbitrary Code Execution

Background GIMP is the GNU Image Manipulation Program. XCF is the native image file format used by GIMP. Description A vulnerability has been discovered in GIMP. Please review the CVE identifier referenced below for details. Impact This vulnerability allows remote attackers to execute arbitrary...

Exploit for CVE-2026-24061

GNU InetUtils telnetd Argument Injection Authentication Bypass...