CVE-2026-41989

Publish date: April 29, 2026
Severity: High
CVSS score: 6.7
Package: libgcrypt20
Affected versions: >= 1.10.1-3, < 1.11.0-7+e5

Libgcrypt versions prior to 1.12.2 may permit a heap-based buffer overflow, leading to a denial of service. This vulnerability can be exploited by using specially crafted ECDH ciphertext with the gcry_pk_decrypt function.