Skip to main content

GnuPG CVE-2026-57062

| EUVDEUVD-2026-38550 LOW
Improper Validation of Specified Quantity in Input (CWE-1284)
2026-06-23 mitre GHSA-m6x2-4hhh-669j
2.9
CVSS 3.1 · Vendor: mitre

Severity by source

Vendor (mitre) PRIMARY
2.9 LOW
AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
vuln.today AI
3.1 LOW

CMS messages are delivered over network channels such as email (AV:N); crafting a valid malformed ICV requires expertise (AC:H); a user must trigger gpgsm processing (UI:R); no confidentiality impact is supported by the description.

3.1 AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
4.0 AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (mitre).

CVSS VectorVendor: mitre

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jun 23, 2026 - 17:51 vuln.today

DescriptionCVE.org

CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182.

AnalysisAI

GnuPG's gpgsm component through version 2.5.20 improperly validates AES-GCM authentication tag length during CMS parsing, accepting a 4-byte ICV where the cryptographic standard mandates 12 bytes. This validation failure means gpgsm will process CMS-formatted messages with a truncated integrity check value, undermining the authentication guarantee that AES-GCM is specifically designed to provide. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft CMS message with 4-byte aes-ICVlen
Delivery
Deliver malformed message to target via email or file
Exploit
Target invokes gpgsm to decrypt or verify
Execution
Parser accepts truncated ICV without error
Persist
AES-GCM integrity check bypassed
Impact
Forged or tampered ciphertext accepted as valid

Vulnerability AssessmentAI

Exploitation Exploitation requires that the target runs GnuPG through 2.5.20 and uses the gpgsm component to process externally-supplied CMS-formatted data containing AES-GCM encryption. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 2.9 (Low) with vector AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N places this at the lowest practical threat tier. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts a malicious CMS-formatted message containing AES-GCM ciphertext with a deliberately shortened 4-byte ICV field rather than the required 12 bytes, then delivers it to a target who processes it with gpgsm (for example, via an S/MIME email). The parser accepts the truncated ICV without raising a validation error, potentially allowing forged or attacker-modified ciphertext to pass AES-GCM integrity verification undetected. …
Remediation The primary remediation is to upgrade GnuPG to a version released after 2.5.20 that addresses this ICV length validation flaw; consult the official GnuPG download page at https://www.gnupg.org/download/ for the latest release, as no specific patched version number was confirmed in the available intelligence data. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-57062 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy