Known Vulnerabilities for products from GNU
Listed below are 20 of the newest known vulnerabilities associated with the vendor "GNU".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-58472 json | GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the html_quote_string() fu... | Not Provided | 2026-07-07 | 2026-07-09 |
| CVE-2026-58471 json | GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convert_fname() functi... | Not Provided | 2026-07-07 | 2026-07-09 |
| CVE-2026-58470 json | GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parse_content_range() fun... | Not Provided | 2026-07-07 | 2026-07-09 |
| CVE-2026-58469 json | GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the clean_metalink_string... | Not Provided | 2026-07-07 | 2026-07-09 |
| CVE-2026-57053 json | GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling ... | Not Provided | 2026-06-23 | 2026-06-29 |
| CVE-2026-56968 json | GNU SASL before 2.2.4 lacks sanitization of a short challenge in _gsasl_ntlm_client_step in the NTLM client, which could resu... | Not Provided | 2026-06-23 | 2026-06-29 |
| CVE-2026-42010 json | A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched... | Not Provided | 2026-05-07 | 2026-07-08 |
| CVE-2026-42009 json | A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet r... | Not Provided | 2026-05-18 | 2026-07-08 |
| CVE-2026-41992 json | GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared gl... | Not Provided | 2026-06-29 | 2026-07-01 |
| CVE-2026-41991 json | GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility i... | Not Provided | 2026-06-29 | 2026-07-01 |
| CVE-2026-33845 json | A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an intege... | Not Provided | 2026-04-30 | 2026-07-07 |
| CVE-2026-32772 json | telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND ... | Not Provided | 2026-03-16 | 2026-05-05 |
| CVE-2026-32746 json | telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handl... | Not Provided | 2026-03-13 | 2026-05-05 |
| CVE-2026-9155 json | OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arb... | Not Provided | 2026-06-25 | 2026-06-27 |
| CVE-2026-9154 json | Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attac... | Not Provided | 2026-06-25 | 2026-06-27 |
| CVE-2026-9153 json | Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitra... | Not Provided | 2026-06-25 | 2026-06-27 |
| CVE-2026-6861 json | A flaw was found in GNU Emacs. This vulnerability, a memory corruption issue, occurs when Emacs processes specially crafted S... | Not Provided | 2026-04-22 | 2026-05-06 |
| CVE-2026-6846 json | A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended... | Not Provided | 2026-04-22 | 2026-07-01 |
| CVE-2026-6845 json | A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause ... | Not Provided | 2026-04-22 | 2026-07-02 |
| CVE-2026-6844 json | A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS)... | Not Provided | 2026-04-22 | 2026-05-20 |
Known software with vulnerabilities from GNU
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Gnu | A2ps | - |
| Application | Gnu | Adns | 1.5.2 |
| Application | Gnu | Anubis | - |
| Application | Gnu | Aspell | - |
| Application | Gnu | Aspell Dictionary | 0.50-2 |
| Application | Gnu | Automake | 1.0 |
| Application | Gnu | Bash | - |
| Application | Gnu | Bc | 1.03 |
| Application | Gnu | Binutils | - |
| Application | Gnu | Bison | 3.5.4 |
| Application | Gnu | Cfengine | - |
| Application | Gnu | Cflow | - |
| Application | Gnu | Chess | - |
| Application | Gnu | Coreutils | - |
| Application | Gnu | Cpio | - |
| Application | Gnu | Cvs | 1.12.1 |
| Application | Gnu | Data Display Debugger | - |
| Application | Gnu | Ed | - |
| Application | Gnu | Emacs | - |
| Application | Gnu | Enscript | - |