Known Vulnerabilities for products from GNU

Listed below are 20 of the newest known vulnerabilities associated with the vendor "GNU".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-4438 json Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU ... Not Provided 2026-03-20 2026-04-07
CVE-2026-4437 json Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU ... Not Provided 2026-03-20 2026-04-07
CVE-2026-4046 json The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inp... Not Provided 2026-03-30 2026-04-07
CVE-2026-3904 json Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library versi... Not Provided 2026-03-11 2026-04-09
CVE-2025-61662 json A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where t... Not Provided 2025-11-18 2026-04-16
CVE-2025-32990 json A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool u... Not Provided 2025-07-10 2026-04-14
CVE-2025-32989 json A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certifica... Not Provided 2025-07-10 2026-04-14
CVE-2024-2961 json The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 byte... Not Provided 2024-04-17 2026-04-03
CVE-2024-1048 json 3.3 - LOW 2024-02-06 2024-03-11
CVE-2024-0567 json 7.5 - HIGH 2024-01-16 2024-02-02
CVE-2024-0553 json 7.5 - HIGH 2024-01-16 2024-03-25
CVE-2023-40305 json GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. 5.5 - MEDIUM 2023-08-14 2023-11-07
CVE-2023-40303 json GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in f... 7.8 - HIGH 2023-08-14 2024-01-02
CVE-2023-39130 json GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-p... 5.5 - MEDIUM 2023-07-25 2023-08-03
CVE-2023-39129 json GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at ... 5.5 - MEDIUM 2023-07-25 2023-08-03
CVE-2023-39128 json GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c. 5.5 - MEDIUM 2023-07-25 2023-08-03
CVE-2023-36274 json LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. 8.8 - HIGH 2023-06-23 2023-06-27
CVE-2023-36273 json LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. 8.8 - HIGH 2023-06-23 2023-06-27
CVE-2023-36272 json LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c. 8.8 - HIGH 2023-06-23 2023-06-27
CVE-2023-36271 json LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c. 8.8 - HIGH 2023-06-23 2023-06-27

Known software with vulnerabilities from GNU

Type Vendor Product Version
ApplicationGnuA2ps-
ApplicationGnuAdns1.5.2
ApplicationGnuAnubis-
ApplicationGnuAspell-
ApplicationGnuAspell Dictionary0.50-2
ApplicationGnuAutomake1.0
ApplicationGnuBash-
ApplicationGnuBc1.03
ApplicationGnuBinutils-
ApplicationGnuBison3.5.4
ApplicationGnuCfengine-
ApplicationGnuCflow-
ApplicationGnuChess-
ApplicationGnuCoreutils-
ApplicationGnuCpio-
ApplicationGnuCvs1.12.1
ApplicationGnuData Display Debugger-
ApplicationGnuEd-
ApplicationGnuEmacs-
ApplicationGnuEnscript-