CVE-2026-24882

Publish date: January 27, 2026
Severity: High
CVSS score: 7.8
Package: gnupg2
Affected versions: >= 2.2.40-1.1, < 2.4.8-5+e1

In GnuPG versions prior to 2.5.17, there is a stack-based buffer overflow vulnerability in tpm2daemon. This vulnerability occurs while processing the PKDECRYPT command for TPM-backed RSA and ECC keys.