CVE-2026-24883

ADVISORY - nist

Summary

In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success with sig->data[] set to a NULL value, leading to a denial of service (application crash).

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-476⁠

NULL Pointer Dereference

Impacted images

Advisories

NIST

CREATED

17 hours ago

UPDATED

17 hours ago

ADVISORY IDCVE-2026-24883⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-476⁠

CVSS SCORE

3.7low

Debian

CREATED

15 hours ago

UPDATED

7 hours ago

ADVISORY IDCVE-2026-24883⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY