Every CVE whose affected-product data names Gnupg Libgcrypt, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2021-3345 — CVSS 7.8 (high): _gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function…
CVE-2017-0379 — CVSS 7.5 (high): Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret…
CVE-2021-33560 — CVSS 7.5 (high): Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel…
CVE-2018-6829 — CVSS 7.5 (high): cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers…
CVE-2026-41989 — CVSS 6.7 (medium): Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.
CVE-2017-7526 — CVSS 6.1 (medium): libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the…
CVE-2017-9526 — CVSS 5.9 (medium): In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from side-channel observation during the signing process) can…
CVE-2015-0837 — CVSS 5.9 (medium): The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging…
CVE-2019-12904 — CVSS 5.9 (medium): In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are…
CVE-2021-40528 — CVSS 5.9 (medium): The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic…
CVE-2016-6313 — CVSS 5.3 (medium): The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before…
CVE-2018-0495 — CVSS 4.7 (medium): Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through…
CVE-2014-3591 — CVSS 4.2 (medium): Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically…
CVE-2026-41990 — CVSS 4.0 (medium): Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data.
CVE-2014-5270 — CVSS 2.1 (low): Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext…
CVE-2015-7511 — CVSS 2.0 (low): Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for…
CVE-2013-4242 — CVSS 1.9 (low): GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private…