{"id":"JLSEC-2026-564","summary":"In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized...","details":"In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that could lead to remote code execution.","modified":"2026-05-27T18:32:54.160407050Z","published":"2026-05-27T18:18:39.624Z","upstream":["CVE-2026-24881","EUVD-2026-4768","GHSA-5w36-x85h-pphm"],"database_specific":{"sources":[{"modified":"2026-02-12T18:15:38.923Z","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-24881","imported":"2026-05-27T16:52:14.010Z","id":"CVE-2026-24881","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-24881","published":"2026-01-27T19:16:16.517Z","database_specific":{"status":"Analyzed"}},{"modified":"2026-01-27T21:31:49Z","html_url":"https://github.com/advisories/GHSA-5w36-x85h-pphm","url":"https://api.github.com/advisories/GHSA-5w36-x85h-pphm","id":"GHSA-5w36-x85h-pphm","imported":"2026-05-27T16:52:15.749Z","published":"2026-01-27T21:31:49Z"},{"modified":"2026-01-27T20:08:54Z","html_url":"https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4768","imported":"2026-05-27T16:52:14.912Z","id":"EUVD-2026-4768","url":"https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2026-4768","published":"2026-01-27T18:36:56Z"}],"license":"CC-BY-4.0"},"references":[{"type":"WEB","url":"https://dev.gnupg.org/T8044"},{"type":"WEB","url":"https://github.com/advisories/GHSA-5w36-x85h-pphm"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-24881"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2026/01/27/8"}],"affected":[{"package":{"name":"GnuPG_jll","ecosystem":"Julia","purl":"pkg:julia/GnuPG_jll?uuid=1522389b-45f8-5faa-af4d-a301b79c50ac"},"ranges":[{"type":"SEMVER","events":[{"introduced":"2.5.16+0"},{"fixed":"2.5.17+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-564.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}