PatchSiren

GnuPG CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH GnuPG CVE published 2026-01-27

CVE-2026-24881

CVE-2026-24881 is a high-severity vulnerability in GnuPG, a popular open-source encryption software. The vulnerability can cause a stack-based buffer overflow, potentially leading to denial of service and remote code execution. GnuPG versions prior to 2.5.17 are affected. The vulnerability was publicly disclosed on January 27, 2026, and has been actively monitored since then. Users and organizations using [truncated]