CVE List

CVE-2026-24882

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys.

Published January 27, 2026.

Affected software

Get alerts for Gnupg Gnupg

Reference links