Gnu binutils

This hub aggregates every CVE we track for Gnu binutils, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Gnu binutils.

• CVE-2026-3441Binutils: gnu binutils: information disclosure via specially crafted xcoff object file6.1Mar 15, 2026
• CVE-2026-3442Binutils: gnu binutils: information disclosure or denial of service via out-of-bounds read in bfd linker6.1Mar 15, 2026
• CVE-2025-69648GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes...6.2Mar 9, 2026
• CVE-2025-69647GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause rea...6.2Mar 9, 2026
• CVE-2025-69650GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data. During GOT relocation handling, dump_relocations may return ...7.5Mar 6, 2026
• CVE-2025-69649GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null ...7.5Mar 6, 2026
• CVE-2025-69644An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handli...5.0Mar 6, 2026
• CVE-2025-69652GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete sta...6.2Mar 6, 2026
• CVE-2025-11840GNU Binutils ldmisc.c vfinfo out-of-bounds3.3Oct 16, 2025
• CVE-2025-11839GNU Binutils prdbg.c tg_tag_type return value3.3Oct 16, 2025
• CVE-2025-11495GNU Binutils Linker elf64-x86-64.c elf_x86_64_relocate_section heap-based overflow3.3Oct 8, 2025
• CVE-2025-11494GNU Binutils Linker elfxx-x86.c _bfd_x86_elf_late_size_sections out-of-bounds3.3Oct 8, 2025
• CVE-2025-11414GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds3.3Oct 7, 2025
• CVE-2025-11413GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds3.3Oct 7, 2025
• CVE-2025-11412GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds3.3Oct 7, 2025