Stack-Based Buffer Overflow in GnuPG Affecting gpg-agent
CVE-2026-24881

8.1HIGH

Key Information:

Vendor

Gnupg

Status
Gnupg
Vendor
CVE Published:
27 January 2026

What is CVE-2026-24881?

CVE-2026-24881 is a vulnerability located in the GnuPG software, specifically affecting the gpg-agent component, which is used for managing private keys and performing cryptographic operations. GnuPG, short for GNU Privacy Guard, is an essential tool for securing communications and ensuring data integrity through encryption and digital signatures. The vulnerability arises from a stack-based buffer overflow caused by processing a specially crafted CMS (S/MIME) EnvelopedData message that includes an oversized wrapped session key. This flaw occurs during the PKDECRYPT operation, which is vital for decrypting data encrypted with session keys.

The implications of this vulnerability are severe, as it not only facilitates denial of service attacks by causing the gpg-agent to crash, but it also poses a risk of memory corruption, which can potentially allow attackers to execute arbitrary code remotely. This could lead to unauthorized access, data manipulation, and significant disruptions in operations, particularly for organizations that rely on GnuPG for secure communication.

Potential impact of CVE-2026-24881

  1. Denial of Service: The stack-based buffer overflow can lead to crashes of the gpg-agent, disrupting services dependent on this component. This could impact business operations significantly, especially in environments where cryptographic services are crucial for daily functionality.

  2. Remote Code Execution: The memory corruption resulting from this vulnerability opens the door for remote attack vectors. Malicious actors could exploit this flaw to run arbitrary code on affected systems, leading to unauthorized system control and potential data loss.

  3. Data Security Risks: Organizations using GnuPG for secure data communications may find their sensitive information at risk. If attackers can leverage this vulnerability, they can compromise the integrity and confidentiality of encrypted communications, leading to potential data breaches and loss of trust.

Affected Version(s)

GnuPG 2.5.13 < 2.5.17

References

https://www.openwall.com/lists/oss-security/2026/01/27/8
https://dev.gnupg.org/T8044

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.