Known Vulnerabilities for Arm GNU Toolchain by Arm Ltd
Listed below are 5 of the newest known vulnerabilities associated with "Arm GNU Toolchain" by "Arm Ltd".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-42501 json | A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database va... | Not Provided | 2026-05-07 | 2026-05-08 |
| CVE-2026-41211 json | Vite+ is a unified toolchain and entry point for web development. Prior to version 0.1.17, `downloadPackageManager()` accepts... | Not Provided | 2026-04-23 | 2026-04-23 |
| CVE-2026-13760 json | OS command injection in the NodejsFunction Docker bundling pipeline (OsCommand helper) in AWS aws-cdk-lib on all platforms mi... | Not Provided | 2026-07-01 | 2026-07-01 |
| CVE-2026-11417 json | OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 (2.246.0 on Windows) might a... | Not Provided | 2026-06-10 | 2026-06-10 |
| CVE-2025-15467 json | Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a ... | Not Provided | 2026-01-27 | 2026-06-30 |