CVE-2026-41989 | gnupg Libgcrypt up to 1.10.3/1.11.2/1.12.1 ECDH gcry_pk_decrypt out-of-bounds write

Inserito da Angelo Barbosa | Apr 23, 2026 | CVE

A vulnerability was found in gnupg Libgcrypt up to 1.10.3/1.11.2/1.12.1 and classified as critical. Affected by this issue is the function gcry_pk_decrypt of the component ECDH Handler. The manipulation results in out-of-bounds write.

This vulnerability was named CVE-2026-41989. The attack needs to be approached locally. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-41989 | gnupg Libgcrypt up to 1.10.3/1.11.2/1.12.1 ECDH gcry_pk_decrypt out-of-bounds write

Post correlati

CVE-2024-4426 | Comparison Slider Plugin up to 1.0.5 on WordPress cross-site request forgery

CVE-2024-26307 | Apache Doris up to 1.2.7/2.0.3 chmod race condition

CVE-2025-0545 | Tekrom T-Soft E-Commerce up to 4 cross site scripting

CVE-2026-1927 | Greenshift Plugin up to 12.5.7 on WordPress AI API Key greenshift_app_pass_validation information disclosure