{"id":"JLSEC-2026-496","summary":"Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via...","details":"Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.","modified":"2026-05-14T02:47:55.316585670Z","published":"2026-05-14T02:21:35.919Z","upstream":["CVE-2026-41989","EUVD-2026-25192","GHSA-wrv8-79m2-qg24"],"database_specific":{"license":"CC-BY-4.0","sources":[{"database_specific":{"status":"Analyzed"},"published":"2026-04-23T05:16:05.750Z","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41989","id":"CVE-2026-41989","modified":"2026-04-27T18:33:18.157Z","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-41989","imported":"2026-05-14T00:51:22.580Z"},{"published":"2026-04-23T06:30:22Z","imported":"2026-05-14T00:51:26.621Z","modified":"2026-04-23T06:30:28Z","id":"GHSA-wrv8-79m2-qg24","html_url":"https://github.com/advisories/GHSA-wrv8-79m2-qg24","url":"https://api.github.com/advisories/GHSA-wrv8-79m2-qg24"},{"published":"2026-04-23T04:30:26Z","imported":"2026-05-14T00:51:24.152Z","modified":"2026-04-23T16:22:47Z","id":"EUVD-2026-25192","html_url":"https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-25192","url":"https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2026-25192"}]},"references":[{"type":"WEB","url":"https://dev.gnupg.org/T8211"},{"type":"WEB","url":"https://github.com/advisories/GHSA-wrv8-79m2-qg24"},{"type":"WEB","url":"https://lists.gnupg.org/pipermail/gnupg-announce/2026q2/000503.html"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41989"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/04/21/1"}],"affected":[{"package":{"name":"Libgcrypt_jll","ecosystem":"Julia","purl":"pkg:julia/Libgcrypt_jll?uuid=d4300ac3-e22c-5743-9152-c294e39db1e4"},"ranges":[{"type":"SEMVER","events":[{"introduced":"1.8.11+0"},{"fixed":"1.12.2+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-496.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}]}