CVE-2026-24882

ADVISORY - nist

Summary

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys.

EPSS Score⁠: 0.00006 (0.003)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-121⁠

Stack-based Buffer Overflow

ADVISORY - redhat

CWE-121⁠

Stack-based Buffer Overflow

Impacted images

Advisories

NIST

CREATED

8 days ago

UPDATED

6 days ago

ADVISORY IDCVE-2026-24882⁠

EXPLOITABILITY SCORE

2.5

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-121⁠

CVSS SCORE

8.4high

Debian

CREATED

7 days ago

UPDATED

6 hours ago

ADVISORY IDCVE-2026-24882⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

7 days ago

UPDATED

6 days ago

ADVISORY IDCVE-2026-24882⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

8 days ago

UPDATED

7 days ago

ADVISORY IDCVE-2026-24882⁠

EXPLOITABILITY SCORE

2.5

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-121⁠

CVSS SCORE

8.4high