Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how gnu compares to other vendors in security performance

View Risk Score →

oss-secCVE-2026-5958: GNU sed: TOCTOU race in sed -i --follow-symlinks

First published (updated )
https://seclists.org/oss-sec/2026/q2/513

redhat Enterprise LinuxGnutls: gnutls: authentication bypass via nul character in username

Risk 90
Severity
9.8
First published (updated )
CVE-2026-42010

oss-secinetutils-2.8 leased with 2 CVE fixes

First published (updated )
https://seclists.org/oss-sec/2026/q2/289

GNU Wget2wget2 Improper Certificate Validation

Risk 32
Severity
4.8
First published (updated )
CVE-2026-1858

GNU GNU C LibraryBuffer overread in ns_printrrf with corrupted RDATA field

Risk 29
Severity
6.5
EPSS
0.04%
First published (updated )
CVE-2026-6238
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

GNU NanoInsecure Directory Permissions in GNU nano Leading to Privilege Abuse

Risk 10
Severity
2.1
First published (updated )
CVE-2026-40556

GNU GNU C LibraryPotential buffer overflow in ns_sprintrrf TSIG handling path

Risk 53
Severity
7.3
First published (updated )
CVE-2026-5435

oss-secThe GNU C Library security advisories update for 2026-04-28

First published (updated )
https://seclists.org/oss-sec/2026/q2/251

GNU NanoNano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions

Risk 11
Severity
2.5
EPSS
0.01%
First published (updated )
CVE-2026-6842

GNU Nanonano creates ~/.local with mode 0777 instead of 0700. In permissive-umask environments (containers, …

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-2460018
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat Enterprise LinuxNano: nano: format string vulnerability leads to denial of service

Risk 23
Severity
5.5
EPSS
0.02%
First published (updated )
CVE-2026-6843

GNU NanoFormat string vulnerability in nano's statusline(). Directory names containing printf specifiers (%s…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2460017

redhat Enterprise LinuxBinutils: binutils: denial of service vulnerabilities in readelf via crafted elf files

Risk 23
Severity
5.5
EPSS
0.02%
First published (updated )
CVE-2026-6844

GNU readelfTwo DoS vulnerabilities in readelf 2.46: 1. Resource exhaustion (CWE-400): crafted ELF triggers 6.3T…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2460016

redhat Enterprise LinuxBinutils: binutils: denial of service via crafted elf file

Risk 22
Severity
5
EPSS
0.01%
First published (updated )
CVE-2026-6845
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

GNU readelf (Binutils)Two DoS vulnerabilities in readelf 2.46: 1. Resource exhaustion: 1KB crafted ELF triggers 6.3TB allo…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2460012

redhat Enterprise LinuxBinutils: binutils: arbitrary code execution via malformed xcoff object file processing

Risk 51
Severity
7.8
EPSS
0.02%
First published (updated )
CVE-2026-6846

GNU binutilsHeap-buffer-overflow WRITE in xcoff_link_add_symbols() in bfd/xcofflink.c. Triggered by malformed XC…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2460006

GNU GNU EmacsEmacs: emacs: memory corruption vulnerability when processing svg css

Risk 38
Severity
7.1
EPSS
0.02%
First published (updated )
CVE-2026-6861

GNU EmacsBuffer Overflow

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2459992
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

GNU GNU C Libraryscanf %mc off-by-one heap buffer overflow

Risk 62
Severity
9.8
EPSS
0.05%
First published (updated )
CVE-2026-5450

GNU GNU C LibraryPotential buffer under-read in ungetwc

Risk 31
Severity
7.5
EPSS
0.05%
First published (updated )
CVE-2026-5928

GNU GNU C LibraryStatic buffer overflow in deprecated nis_local_principal

Risk 39
Severity
9.1
EPSS
0.04%
First published (updated )
CVE-2026-5358

oss-secThe GNU C Library security advisories update for 2026-04-20

First published (updated )
https://seclists.org/oss-sec/2026/q2/189

GNU sedRace Condition in GNU Sed

Risk 11
Severity
2.1
EPSS
0.01%
First published (updated )
CVE-2026-5958
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

oss-secGNU tar: listing/extraction desynchronization allows hidden file injection

First published (updated )
https://seclists.org/oss-sec/2026/q2/110

oss-secGNU tar: listing/extraction desynchronization allows hidden file injection

First published (updated )
https://seclists.org/oss-sec/2026/q2/108

oss-secGNU tar: listing/extraction desynchronization allows hidden file injection

First published (updated )
https://seclists.org/oss-sec/2026/q2/107

oss-secGNU tar: listing/extraction desynchronization allows hidden file injection

First published (updated )
https://seclists.org/oss-sec/2026/q2/106

oss-secGNU tar: listing/extraction desynchronization allows hidden file injection

First published (updated )
https://seclists.org/oss-sec/2026/q2/105
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203