GNU CVE Vulnerabilities & CVE List (1,197)

Products (CPE): — CVEs: 1,197

GNU vulnerability overview

Aggregates CVE and security vulnerability intelligence across all GNU-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve memory corruption, path handling, input validation, cross-site scripting, and related problems; some flaws may lead to file overwrite.

Vulnerability distribution trend (last 24 months)

Showing 41-60 of 1197 CVEs (page 3 of 60)
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-28372 | telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file. | [email protected] | 7.4 | 0.37% | 2026-02-27 | 2026-06-17 |
| CVE-2026-24061 (KEV) | telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable. | [email protected] | 9.8 | 98.87% | 2026-01-21 | 2026-06-17 |
| CVE-2025-15281 | Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process. | 3ff69d7a-14f2-4f67-a097-88dee7810d18 | 7.5 | 0.29% | 2026-01-20 | 2026-06-17 |
| CVE-2026-0915 | Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver. | 3ff69d7a-14f2-4f67-a097-88dee7810d18 | 7.5 | 0.56% | 2026-01-15 | 2026-06-17 |
| CVE-2026-0861 | Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment | 3ff69d7a-14f2-4f67-a097-88dee7810d18 | 8.4 | 0.35% | 2026-01-14 | 2026-06-17 |
| CVE-2025-69195 | A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted URL, which, upon user interaction with wget2, can lead to memory corruption. This can cause the application to crash and potentially allow for further malicious activities. | [email protected] | 7.6 | 0.29% | 2026-01-09 | 2026-06-17 |
| CVE-2025-69194 | A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink <file name> elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially allow further compromise of the user’s environment. | [email protected] | 8.8 | 0.71% | 2026-01-09 | 2026-06-17 |
| CVE-2025-13151 | Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string. | [email protected] | 7.5 | 1.11% | 2026-01-07 | 2026-06-17 |
| CVE-2025-65409 | A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service (DoS) via inputting an empty value as a password. | [email protected] | 7.5 | 0.32% | 2025-12-30 | 2026-06-17 |
| CVE-2025-66866 | An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. | [email protected] | 7.5 | 0.28% | 2025-12-29 | 2026-06-17 |
| CVE-2025-66865 | An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. | [email protected] | 7.5 | 0.32% | 2025-12-29 | 2026-06-17 |
| CVE-2025-66864 | An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. | [email protected] | 7.5 | 0.20% | 2025-12-29 | 2026-06-17 |
| CVE-2025-66863 | An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. | [email protected] | 7.5 | 0.32% | 2025-12-29 | 2026-06-17 |
| CVE-2025-66862 | A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. | [email protected] | 7.5 | 0.32% | 2025-12-29 | 2026-06-17 |
| CVE-2025-66861 | An issue was discovered in function d_unqualified_name in file cp-demangle.c in BinUtils 2.26 allowing attackers to cause a denial of service via crafted PE file. | [email protected] | 2.5 | 0.12% | 2025-12-29 | 2026-06-17 |
| CVE-2025-61662 | A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the application to access a memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to crash, leading to a Denial of Service. Possible data integrity or confidentiality com | [email protected] | 7.8 | 0.19% | 2025-11-18 | 2026-06-25 |
| CVE-2025-62689 | NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition. | [email protected] | 8.7 | 0.37% | 2025-11-10 | 2026-06-17 |
| CVE-2025-59777 | NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition. | [email protected] | 8.7 | 0.37% | 2025-11-10 | 2026-06-17 |
| CVE-2025-11840 | A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing a manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. This patch is called 16357. It is best practice to apply a patch to resolve this issue. | [email protected] | 1.9 | 0.25% | 2025-10-16 | 2026-06-17 |
| CVE-2025-11839 | A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks. | [email protected] | 1.9 | 0.25% | 2025-10-16 | 2026-06-17 |
cvelogic Threat Intelligence