Medium severity6.7NVD Advisory· Published Apr 23, 2026· Updated Apr 27, 2026
CVE-2026-41989
CVE-2026-41989
Description
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- lists.gnupg.org/pipermail/gnupg-announce/2026q2/000503.htmlnvdThird Party Advisory
- www.openwall.com/lists/oss-security/2026/04/21/1nvdThird Party Advisory
- dev.gnupg.org/T8211nvdBroken Link
News mentions
0No linked articles in our index yet.