CVE-2026-24882 - Gnupg Gnupg and Gpg4win Gpg4win

Critical 8.4

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys.

Affected software

Gnupg Gnupg

Gpg4win Gpg4win

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.