SecAlerts
CVE ListPricingSign Up
gnu logo

gnu

Security Risk Profile

35
/100
low

Security Risk Score

Comprehensive risk assessment based on 1000 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from June 19, 2017 to present

1000
Total CVEs
409
Critical+High
8
Exploited
130
Unpatched

Threat Assessment

Avg CVSS
6.5
Base severity
Avg EPSS
1%
Exploit probability
Unpatched
130
Critical/High
Risk Level
35/100
low
⚠️ 8 Active Exploits 3 Zero-Days📈 8 in Last 30 Days

Severity Distribution

Critical
65
High
344
Medium
382
Low
67

Exploit Likelihood

>50% chance
1
20-50%
0
5-20%
0
<5%
74

Age Distribution

Common Weaknesses (CWE)

1
Buffer Overflow
222
2
Null Pointer Dereference
85
3
Integer Overflow
63
4
Use After Free
44
5
Input Validation
30

Most Affected Products

1. GNU binutils312
2. redhat Enterprise Linux187
3. Fedoraproject Fedora150
4. Debian Debian Linux129
5. GNU glibc128

Recent Vulnerabilities

See more →
https://seclists.org/oss-sec/2026/q2/513
unknown

CVE-2026-5958: GNU sed: TOCTOU race in sed -i --follow-symlinks

5/13/2026🔧 No Patch
CVE-2026-42010
CVSS 9.8critical

Gnutls: gnutls: authentication bypass via nul character in username

5/6/2026
https://seclists.org/oss-sec/2026/q2/289
unknown

inetutils-2.8 leased with 2 CVE fixes

4/30/2026🔧 No Patch
CVE-2026-1858
CVSS 4.8medium

wget2 Improper Certificate Validation

4/29/2026🔧 No Patch
CVE-2026-6238
CVSS 6.5EPSS 0%medium

Buffer overread in ns_printrrf with corrupted RDATA field

4/28/2026🔧 No Patch
CVE-2026-40556
CVSS 2.1low

Insecure Directory Permissions in GNU nano Leading to Privilege Abuse

4/28/2026🔧 No Patch
CVE-2026-5435
CVSS 7.3high

Potential buffer overflow in ns_sprintrrf TSIG handling path

4/28/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q2/251
unknown

The GNU C Library security advisories update for 2026-04-28

4/28/2026🔧 No Patch
CVE-2026-6842
CVSS 2.5EPSS 0%low

Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions

4/21/2026
REDHAT-BUG-2460018
CVSS 1.0low
4/21/2026🔧 No Patch

Monitor gnu in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.

gnu Security Vulnerabilities & Risk Score | 1000 CVEs | SecAlerts - SecAlerts