gnu

Top products

The 15 most recently published vulnerabilities affecting gnu.

• CVE-2026-56355GNU Savannah Administration Savane through 3.17 uses untrusted data as part of authorization.3.7Jun 20, 2026
• CVE-2026-9605GNU libredwg Dwgbmp Utility bits.c bit_read_RC heap-based overflow7.3May 26, 2026
• CVE-2026-9530GNU LibreDWG Dwgbmp Utility decode.c read_2004_compressed_section out-of-bounds3.3May 26, 2026
• CVE-2026-9529GNU LibreDWG Dwggrep Utility dwggrep.c match_BLOCK_HEADER null pointer dereference3.3May 26, 2026
• CVE-2026-9504GNU LibreDWG Dwggrep Utility dwggrep.c bit_convert_TU out-of-bounds3.3May 25, 2026
• CVE-2026-9503GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference3.3May 25, 2026
• CVE-2026-9502GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section heap-based overflow5.3May 25, 2026
• CVE-2026-9501GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section assertion3.3May 25, 2026
• CVE-2026-9500GNU LibreDWG Dwgread Utility decode.c read_2004_compressed_section heap-based overflow5.3May 25, 2026
• CVE-2026-48829In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c.7.5May 24, 2026
• CVE-2026-42009Gnutls: gnutls: denial of service via dtls packet reordering vulnerability7.5May 18, 2026
• CVE-2026-42010Gnutls: gnutls: authentication bypass via nul character in username7.1May 7, 2026
• CVE-2026-33845Gnutls: gnutls: denial of service via dtls zero-length fragment7.5Apr 30, 2026
• CVE-2026-3832Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response3.7Apr 30, 2026
• CVE-2026-3833Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison6.5Apr 30, 2026