gnupg
Security Risk Profile
44
/100
mediumSecurity Risk Score
Comprehensive risk assessment based on 89 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from February 11, 2005 to present
89
Total CVEs
27
Critical+High
0
Exploited
14
Unpatched
Threat Assessment
Avg CVSS
6.1
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
14
Critical/High
Risk Level
44/100
medium
🆕 1Fresh (<7d)📈 1 in Last 30 Days
Severity Distribution
Critical
4High
23Medium
26Low
8Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
4Age Distribution
Common Weaknesses (CWE)
1
Buffer Overflow
10
2
Infoleak
9
3
Integer Overflow
6
4
Input Validation
6
5
Weak Encryption
2
Most Affected Products
1. gnupg GnuPG356
2. Canonical Ubuntu Linux60
3. gnupg Libgcrypt49
4. Debian Debian Linux29
5. redhat/libksba15
Recent Vulnerabilities
See more →CVE-2026-41990
CVSS 4.0medium
4/23/2026
CVE-2026-41989
CVSS 6.7medium
4/23/2026
https://seclists.org/oss-sec/2026/q2/190
unknown
Libgcrypt security leases 1.12.2, 1.11.3, 1.10.x
4/21/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q1/126
unknown
GnuPG security lease
1/27/2026🔧 No Patch
REDHAT-BUG-2433464
CVSS 7.0high
1/27/2026🔧 No Patch
CVE-2026-24883
CVSS 5.5EPSS 0%medium
1/27/2026
CVE-2026-24882
CVSS 8.4EPSS 0%high
1/27/2026🔧 No Patch
CVE-2026-24881
CVSS 9.8EPSS 0%critical
1/27/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q1/124
unknown
GnuPG security lease
1/27/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q1/14
unknown
GnuPG ticket T7900 (was: Many vulnerabilities in GnuPG)
1/5/2026🔧 No Patch
Monitor gnupg in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.