1009 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 7 views

Astra Linux – Vulnerability in libgcrypt20

The ElGamal implementation in Libgcrypt before version 1.9.4 allows plaintext recovery. This occurs because, during interaction between two cryptographic libraries, a dangerous combination of elements arises—specifically, the prime number defined by the receiver’s public key, the generator define...

CVSS 5.9 | AI score 6.6 | EPSS 0.01323
Exploits 1 | References 2

Fedora
added 2026/04/30 1:21 a.m. | 4 views

[SECURITY] Fedora 43 Update: libgcrypt-1.11.1-4.fc43

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

CVSS 6.7 | AI score 5.3 | EPSS 0.0018
Exploits 0

Fedora
added 2026/04/30 12:54 a.m. | 3 views

[SECURITY] Fedora 44 Update: libgcrypt-1.12.2-1.fc44

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

CVSS 6.7 | AI score 5.3 | EPSS 0.0018
Exploits 0

Tenable Nessus
added 2026/04/30 12:0 a.m. | 2 views

Fedora 44 : libgcrypt (2026-9a79c58afd)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9a79c58afd advisory. New upstream release 2458643 fixing CVE-2026-41989 2461782 Tenable has extracted the preceding description block directly from the Fedora security advisory...

CVSS 6.7 | AI score 5.8 | EPSS 0.0018
Exploits 0 | References 2

Tenable Nessus
added 2026/04/30 12:0 a.m. | 4 views

Fedora 43 : libgcrypt (2026-8409145c11)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8409145c11 advisory. Fix CVE-2026-41989 2461782 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

CVSS 6.7 | AI score 5.8 | EPSS 0.0018
Exploits 0 | References 2

RedhatCVE
added 2026/04/28 11:5 a.m. | 3 views

CVE-2026-41990

A flaw was found in Libgcrypt. During Dilithium signing operations, the library fails to perform a bounds check when writing to a static array. While the data involved is not directly controlled by an attacker, this vulnerability could lead to memory corruption, potentially resulting in a denial ...

CVSS 4 | AI score 4.9 | EPSS 0.00176
Exploits 0 | References 6

RedhatCVE
added 2026/04/25 11:14 a.m. | 4 views

CVE-2026-41989

A flaw was found in Libgcrypt. A remote attacker could exploit this vulnerability by sending crafted Elliptic Curve Diffie-Hellman (ECDH) ciphertext to the gcry_pk_decrypt function. This can lead to a heap-based buffer overflow, potentially causing a denial of service (DoS) condition. Mitigation...

CVSS 7.5 | AI score 5.2 | EPSS 0.0018
Exploits 0 | References 6

SUSE CVE
added 2026/04/24 1:27 a.m. | 6 views

SUSE CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt...

CVSS 6.7 | AI score 6 | EPSS 0.0018
Exploits 0 | References 3

SUSE CVE
added 2026/04/24 1:27 a.m. | 5 views

SUSE CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

CVSS 4 | AI score 5.8 | EPSS 0.00176
Exploits 0 | References 3

EUVD
added 2026/04/23 6:30 a.m. | 2 views

EUVD-2026-25192

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt...

CVSS 6.7 | AI score 6 | EPSS 0.0018
Exploits 0 | References 4

EUVD
added 2026/04/23 6:30 a.m. | 2 views

EUVD-2026-25193

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

CVSS 4 | AI score 5.8 | EPSS 0.00176
Exploits 0 | References 4

NVD
added 2026/04/23 5:16 a.m. | 6 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

CVSS 4 | EPSS 0.00176
Exploits 0 | References 3

NVD
added 2026/04/23 5:16 a.m. | 4 views

CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt...

CVSS 6.7 | EPSS 0.0018
Exploits 0 | References 3

OSV
added 2026/04/23 5:16 a.m. | 2 views

UBUNTU-CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt...

CVSS 6.7 | AI score 6 | EPSS 0.0018
Exploits 0 | References 4

OSV
added 2026/04/23 5:16 a.m. | 0 views

UBUNTU-CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

CVSS 4 | AI score 5.8 | EPSS 0.00176
Exploits 0 | References 4

Cvelist
added 2026/04/23 4:39 a.m. | 26 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

CVSS 4 | EPSS 0.00176
Exploits 0 | References 3

ATTACKERKB
added 2026/04/23 4:39 a.m. | 1 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

CVSS 4 | AI score 5.8 | EPSS 0.00176
Exploits 0 | References 4 | Affected Software 1

Vulnrichment
added 2026/04/23 4:39 a.m. | 0 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

CVSS 4 | AI score 5.8 | EPSS 0.00176
Exploits 0 | References 3

CVE
added 2026/04/23 4:39 a.m. | 15 views

CVE-2026-41990

CVE-2026-41990 affects Libgcrypt prior to 1.12.2, where Dilithium signing mishandles a static array write that lacks a bounds check. The issue does not use attacker-controlled data. CVSSv3.1 base metrics indicate a Medium risk (4.0) with LOCAL attack vector, HIGH complexity, NONE privileges, and ...

CVSS 4 | AI score 5.8 | EPSS 0.00176
Exploits 0 | References 3 | Affected Software 1

Debian CVE
added 2026/04/23 4:39 a.m. | 3 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

CVSS 4 | AI score 5.2 | EPSS 0.00176
Exploits 0