GNU 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには vendor risk memory corruption、パス処理の欠陥、vendor risk input validation, and vendor risk cross-site scripting があり、vendor surface production workloads の利用場面で ファイル上書き、vendor impact unexpected behavior, and vendor impact session compromise などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-42010 | A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process. | [email protected] | 7.1 | 0.06% | 2026-05-07 | 2026-06-02 |
| CVE-2026-3833 | A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unaut | [email protected] | 6.5 | 0.09% | 2026-04-30 | 2026-06-02 |
| CVE-2026-3832 | A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust. | [email protected] | 3.7 | 0.02% | 2026-04-30 | 2026-06-02 |
| CVE-2026-33845 | A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service. | [email protected] | 7.5 | 0.06% | 2026-04-30 | 2026-06-02 |
| CVE-2026-1858 | wget2 accepts a server certificate with incorrect Key Usage (KU) or Extended Key Usage (EKU). If the attackers compromise a certificate (with the associated private key) issued for a different purpose, they may be able to reuse it for TLS server authentication. | [email protected] | 4.8 | 0.01% | 2026-04-29 | 2026-05-05 |
| CVE-2026-6238 | The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory. These functions are for application debugging only and hence not in the path of code executed by the DNS resolver. Further, they have been depre | 3ff69d7a-14f2-4f67-a097-88dee7810d18 | 6.5 | 0.04% | 2026-04-28 | 2026-05-04 |
| CVE-2026-5435 | The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records. | 3ff69d7a-14f2-4f67-a097-88dee7810d18 | 7.3 | 0.04% | 2026-04-28 | 2026-05-05 |
| CVE-2026-6861 | A flaw was found in GNU Emacs. This vulnerability, a memory corruption issue, occurs when Emacs processes specially crafted SVG (Scalable Vector Graphics) CSS (Cascading Style Sheets) data. A local user could exploit this by convincing a victim to open a malicious SVG file, which may lead to a denial of service (DoS) or potentially information disclosure. | [email protected] | 6.1 | 0.01% | 2026-04-22 | 2026-05-06 |
| CVE-2026-6846 | A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution, allowing the attacker to run unauthorized commands, or cause a denial of service, making the system unavailable. | [email protected] | 7.8 | 0.01% | 2026-04-22 | 2026-05-20 |
| CVE-2026-6845 | A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw can lead to the system becoming unresponsive due to excessive resource consumption or a program crash. | [email protected] | 5.0 | 0.01% | 2026-04-22 | 2026-05-20 |
| CVE-2026-6844 | A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file. One vulnerability, a resource exhaustion (CWE-400), can lead to an out-of-memory condition. The other, a null pointer dereference (CWE-476), can cause a segmentation fault. Both issues can result in the `readelf` utility becoming unresponsive or crashing, leading to a denial of ser | [email protected] | 5.5 | 0.01% | 2026-04-22 | 2026-05-20 |
| CVE-2026-6843 | A flaw was found in nano. A local user could exploit a format string vulnerability in the `statusline()` function. By creating a directory with a name containing `printf` specifiers, the application attempts to display this name, leading to a segmentation fault (SEGV). This results in a Denial of Service (DoS) for the `nano` application. | [email protected] | 5.5 | 0.01% | 2026-04-22 | 2026-05-20 |
| CVE-2026-5928 | Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially resulting in unintentional disclosure of neighboring data in the heap, or a program crash. A bug in the wide character pushback implementation (_IO_wdefault_pbackfail in libio/wgenops.c) causes ungetwc( | 3ff69d7a-14f2-4f67-a097-88dee7810d18 | 7.5 | 0.05% | 2026-04-20 | 2026-04-23 |
| CVE-2026-5450 | Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow. | 3ff69d7a-14f2-4f67-a097-88dee7810d18 | 9.8 | 0.05% | 2026-04-20 | 2026-04-23 |
| CVE-2026-1584 | A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition. | [email protected] | 7.5 | 0.08% | 2026-04-09 | 2026-05-03 |
| CVE-2026-5704 | A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files onto a system without detection. | [email protected] | 5.0 | 0.03% | 2026-04-06 | 2026-04-22 |
| CVE-2026-4046 | The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them. | 3ff69d7a-14f2-4f67-a097-88dee7810d18 | 7.5 | 0.07% | 2026-03-30 | 2026-04-20 |
| CVE-2026-4647 | A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks. | [email protected] | 6.1 | 0.01% | 2026-03-23 | 2026-03-24 |
| CVE-2026-4438 | Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification. | 3ff69d7a-14f2-4f67-a097-88dee7810d18 | 5.4 | 0.06% | 2026-03-20 | 2026-04-07 |
| CVE-2026-4437 | Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer. | 3ff69d7a-14f2-4f67-a097-88dee7810d18 | 7.5 | 0.05% | 2026-03-20 | 2026-04-07 |