gnu
Latest CVEs
The 15 most recently published vulnerabilities affecting gnu.
- CVE-2026-9153Arbitrary File Read in Rapid7 InsightConnect Sed Plugin6.5
- CVE-2026-9154Arbitrary File Write in Rapid7 InsightConnect Sed Plugin7.1
- CVE-2026-9155OS Command Injection in Rapid7 InsightConnect Sed Plugin via expression parameter.8.8
- CVE-2026-57053GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idna_to_unicode_internal. The affected code is not present in libidn2.4.0
- CVE-2026-56968GNU SASL before 2.2.4 lacks sanitization of a short challenge in _gsasl_ntlm_client_step in the NTLM client, which could result in memory disclosure via a crafted server.3.7
- CVE-2026-56355GNU Savannah Administration Savane through 3.17 uses untrusted data as part of authorization.3.7
- CVE-2026-9605GNU libredwg Dwgbmp Utility bits.c bit_read_RC heap-based overflow7.3
- CVE-2026-9530GNU LibreDWG Dwgbmp Utility decode.c read_2004_compressed_section out-of-bounds3.3
- CVE-2026-9529GNU LibreDWG Dwggrep Utility dwggrep.c match_BLOCK_HEADER null pointer dereference3.3
- CVE-2026-9504GNU LibreDWG Dwggrep Utility dwggrep.c bit_convert_TU out-of-bounds3.3
- CVE-2026-9503GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference3.3
- CVE-2026-9502GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section heap-based overflow5.3
- CVE-2026-9501GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section assertion3.3
- CVE-2026-9500GNU LibreDWG Dwgread Utility decode.c read_2004_compressed_section heap-based overflow5.3
- CVE-2026-48829In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c.7.5